From a4aeefb08d2ed5fb10a94fe3df63910db7827d33 Mon Sep 17 00:00:00 2001
From: dglFromAtt <dgl@research.att.com>
Date: Wed, 3 Apr 2019 23:16:06 +0000
Subject: [PATCH] Add client cert PEM files for authenticated requests

Note also relocated AAF cert artifacts since they are used by
both docker images created in this repo.

Change-Id: I539c0062ab9bc573e610bc7669d78e9528e2aace
Signed-off-by: dglFromAtt <dgl@research.att.com>
Issue-ID: DMAAP-1142
---
 certs/README                                       |  55 +++++++++++++++++++++
 certs/ca.pem                                       |  30 +++++++++++
 certs/client.pem                                   |  30 +++++++++++
 certs/key.pem                                      |  34 +++++++++++++
 .../misc => certs}/org.onap.dmaap-bc.cred.props    |   0
 .../misc => certs}/org.onap.dmaap-bc.crontab.sh    |   0
 {dmaap-bc/misc => certs}/org.onap.dmaap-bc.jks     | Bin
 {dmaap-bc/misc => certs}/org.onap.dmaap-bc.keyfile |   0
 .../org.onap.dmaap-bc.location.props               |   0
 {dmaap-bc/misc => certs}/org.onap.dmaap-bc.p12     | Bin
 {dmaap-bc/misc => certs}/org.onap.dmaap-bc.props   |   0
 .../misc => certs}/org.onap.dmaap-bc.showpass      |   0
 .../misc => certs}/org.onap.dmaap-bc.trust.jks     | Bin
 dbc-client/misc/dbc-client                         |  31 ++++++++++--
 dbc-client/pom.xml                                 |  23 ++++++++-
 dbc-client/src/main/resources/Dockerfile           |   8 ++-
 dbc-client/version.properties                      |   2 +-
 dmaap-bc/pom.xml                                   |  30 ++++++-----
 dmaap-bc/version.properties                        |   2 +-
 19 files changed, 223 insertions(+), 22 deletions(-)
 create mode 100644 certs/README
 create mode 100644 certs/ca.pem
 create mode 100644 certs/client.pem
 create mode 100644 certs/key.pem
 rename {dmaap-bc/misc => certs}/org.onap.dmaap-bc.cred.props (100%)
 rename {dmaap-bc/misc => certs}/org.onap.dmaap-bc.crontab.sh (100%)
 rename {dmaap-bc/misc => certs}/org.onap.dmaap-bc.jks (100%)
 rename {dmaap-bc/misc => certs}/org.onap.dmaap-bc.keyfile (100%)
 rename {dmaap-bc/misc => certs}/org.onap.dmaap-bc.location.props (100%)
 rename {dmaap-bc/misc => certs}/org.onap.dmaap-bc.p12 (100%)
 rename {dmaap-bc/misc => certs}/org.onap.dmaap-bc.props (100%)
 rename {dmaap-bc/misc => certs}/org.onap.dmaap-bc.showpass (100%)
 rename {dmaap-bc/misc => certs}/org.onap.dmaap-bc.trust.jks (100%)

diff --git a/certs/README b/certs/README
new file mode 100644
index 0000000..2f7f410
--- /dev/null
+++ b/certs/README
@@ -0,0 +1,55 @@
+Procedure to create pem files for curl use within dbc-client container.
+
+1. Download certificate artifacts from AAF
+1b.  Remember to run the showpass step to capture the cleartext passwords.  Assume this will be in a file with suffix .showpass.
+1c.  Add AAF artifacts to buscontroller project under buscontroller/certs
+
+2. Display passwords in showpass file
+
+	ubuntu@dgl-rancher:~/dublin/buscontroller/certs$ cat *showpass
+	cadi_truststore_password=8b&R5%l$l:@jSWz@FCs;rhY*
+	cadi_keystore_password_jks=Y@Y5f&gm?PAz,CVQL,lk[VAF
+	cadi_key_password=2U[iOZzMHI:.#tdCwlBqc;}S
+	cadi_keystore_password=2U[iOZzMHI:.#tdCwlBqc;}S
+	cadi_keystore_password_p12=2U[iOZzMHI:.#tdCwlBqc;}S
+	Challenge=9H83TErBrN!u?;]1iCK@&69?
+	2019-03-22T17:38:32.447+0000: Trans Info
+		 REMOTE Show Password 2214.6292ms
+
+3. copy the value for cadi_keystore_password_p12 into clipboard
+
+4. Use openssl to create pem files.  NOTE: paste pwd from step 3 to all answers.
+
+	ubuntu@dgl-rancher:~/dublin/buscontroller/certs$ openssl pkcs12 -in ./org.onap.dmaap-bc.p12 -out ca.pem -cacerts -nokeys
+	Enter Import Password:
+	MAC verified OK
+
+	ubuntu@dgl-rancher:~/dublin/buscontroller/certs$ openssl pkcs12 -in ./org.onap.dmaap-bc.p12 -out client.pem -clcerts -nokeys
+	Enter Import Password:
+	MAC verified OK
+
+	ubuntu@dgl-rancher:~/dublin/buscontroller/certs$ openssl pkcs12 -in ./org.onap.dmaap-bc.p12 -out key.pem -nocerts
+	Enter Import Password:
+	MAC verified OK
+	Enter PEM pass phrase:
+	Verifying - Enter PEM pass phrase:
+
+5. Confirm new pem files are created: 
+
+	ubuntu@dgl-rancher:~/dublin/buscontroller/certs$ ls -l
+	total 52
+	-rw-rw-r-- 1 ubuntu ubuntu 1759 Apr  3 14:52 ca.pem
+	-rw-rw-r-- 1 ubuntu ubuntu 1791 Apr  3 14:53 client.pem
+	-rw-rw-r-- 1 ubuntu ubuntu 1997 Apr  3 14:55 key.pem
+	-rw-rw-r-- 1 ubuntu ubuntu 1159 Apr  3 11:59 org.onap.dmaap-bc.cred.props
+	-rw-rw-r-- 1 ubuntu ubuntu  751 Apr  3 11:59 org.onap.dmaap-bc.crontab.sh
+	-rw-rw-r-- 1 ubuntu ubuntu 3613 Apr  3 11:59 org.onap.dmaap-bc.jks
+	-rw-rw-r-- 1 ubuntu ubuntu 2074 Apr  3 11:59 org.onap.dmaap-bc.keyfile
+	-rw-rw-r-- 1 ubuntu ubuntu  289 Apr  3 11:59 org.onap.dmaap-bc.location.props
+	-rw-rw-r-- 1 ubuntu ubuntu 4151 Apr  3 11:59 org.onap.dmaap-bc.p12
+	-rw-rw-r-- 1 ubuntu ubuntu  629 Apr  3 11:59 org.onap.dmaap-bc.props
+	-rw-rw-r-- 1 ubuntu ubuntu  365 Apr  3 11:59 org.onap.dmaap-bc.showpass
+	-rw-rw-r-- 1 ubuntu ubuntu 1413 Apr  3 11:59 org.onap.dmaap-bc.trust.jks
+
+6. pem files can now be included in docker image
+
diff --git a/certs/ca.pem b/certs/ca.pem
new file mode 100644
index 0000000..bf61a81
--- /dev/null
+++ b/certs/ca.pem
@@ -0,0 +1,30 @@
+Bag Attributes
+    friendlyName: CN=intermediateCA_9,OU=OSAAF,O=ONAP,C=US
+subject=/C=US/O=ONAP/OU=OSAAF/CN=intermediateCA_9
+issuer=/OU=OSAAF/O=ONAP/C=US
+-----BEGIN CERTIFICATE-----
+MIIEdTCCAl2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADAsMQ4wDAYDVQQLDAVPU0FB
+RjENMAsGA1UECgwET05BUDELMAkGA1UEBhMCVVMwHhcNMTgwODE3MTg1MTM3WhcN
+MjMwODE3MTg1MTM3WjBHMQswCQYDVQQGEwJVUzENMAsGA1UECgwET05BUDEOMAwG
+A1UECwwFT1NBQUYxGTAXBgNVBAMMEGludGVybWVkaWF0ZUNBXzkwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0HHUkba3uNtNI3jPKimUcd6RNwmhSCJL
+neMWpnjqp5/A+HCKyNsEaT4y177hNLmCm/aMm1u2JIfikc+8wEqLCSBBPz+P0h+d
+o+sZ7U+4oeQizdYYpEdzHJ2SieHHa8vtu80rU3nO2NEIkuYC20HcKSEtl8fFKsk3
+nqlhY+tGfYJPTXcDOQAO40BTcgat3C3uIJHkWJJ4RivunE4LEuRv9QyKgAw7rkJV
+v+f7guqpZlXy6dzAkuU7XULWcgo55MkZlssoiErMvEZJad5aWKvRY3g7qUjaQ6wO
+15wOAUoRBW96eeZZbytgn8kybcBy++Ue49gPtgm1MF/KlAsp0MD5AgMBAAGjgYYw
+gYMwHQYDVR0OBBYEFIH3mVsQuciM3vNSXupOaaBDPqzdMB8GA1UdIwQYMBaAFFNV
+M/JL69BRscF4msEoMXvv6u1JMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0B
+AQsFAAOCAgEADxNymiCNr2e37iLReoaxKmZvwox0cTiNAaj7iafRzmwIoY3VXO8Q
+ix5IYcp4FaQ7fV1jyp/AmaSnyHf6Osl0sx8PxsQkO7ALttxKUrjfbvNSVUA2C/vl
+u5m7UVJLIUtFDZBWanzUSmkTsYLHpiANFQKd2c/cU1qXcyzgJVFEFVyyHNkF7Is+
++pjG9M1hwQHOoTnEuU013P7X1mHek+RXEfhJWwe7UsZnBKZaZKbQZu7hEtqKWYp/
+QsHgnjoLYXsh0WD5rz/mBxdTdDLGpFqWDzDqb8rsYnqBzoowvsasV8X8OSkov0Ht
+8Yka0ckFH9yf8j1Cwmbl6ttuonOhky3N/gwLEozuhy7TPcZGVyzevF70kXy7g1CX
+kpFGJyEHXoprlNi8FR4I+NFzbDe6a2cFow1JN19AJ9Z5Rk5m7M0mQPaQ4RcikjB3
+aoLsASCJTm1OpOFHfxEKiBW4Lsp3Uc5/Rb9ZNbfLrwqWZRM7buW1e3ekLqntgbky
+uKKISHqVJuw/vXHl1jNibEo9+JuQ88VNuAcm7WpGUogeCa2iAlPTckPZei+MwZ8w
+tpvxTyYlZEC8DWzY1VC29+W2N5cvh01e2E3Ql08W1zL63dqrgdEZ3VWjzooYi4ep
+BmMXTvouW+Flyvcw/0oTcfN0biDIt0mCkZ5CQVjfGL9DTOYteR5hw+k=
+-----END CERTIFICATE-----
diff --git a/certs/client.pem b/certs/client.pem
new file mode 100644
index 0000000..8a2719d
--- /dev/null
+++ b/certs/client.pem
@@ -0,0 +1,30 @@
+Bag Attributes
+    friendlyName: dmaap-bc@dmaap-bc.onap.org
+    localKeyID: 54 69 6D 65 20 31 35 35 33 32 37 36 32 35 39 35 31 37 
+subject=/CN=dmaap-bc/emailAddress=/OU=dmaap-bc@dmaap-bc.onap.org/OU=OSAAF/O=ONAP/C=US
+issuer=/C=US/O=ONAP/OU=OSAAF/CN=intermediateCA_9
+-----BEGIN CERTIFICATE-----
+MIIEOjCCAyKgAwIBAgIIWY+5kgf/UHgwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UE
+BhMCVVMxDTALBgNVBAoMBE9OQVAxDjAMBgNVBAsMBU9TQUFGMRkwFwYDVQQDDBBp
+bnRlcm1lZGlhdGVDQV85MB4XDTE5MDMyMjE3MzczOVoXDTIwMDMyMjE3MzczOVow
+dTERMA8GA1UEAwwIZG1hYXAtYmMxDzANBgkqhkiG9w0BCQEWADEjMCEGA1UECwwa
+ZG1hYXAtYmNAZG1hYXAtYmMub25hcC5vcmcxDjAMBgNVBAsMBU9TQUFGMQ0wCwYD
+VQQKDARPTkFQMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAIbXUfdwsXG5h0rGBPk55GVNVVyUgsr9FGXEY/tueagFcseO6mM9M0R8
+FUJU5tdYx6N70nT0qOVfJoT/fwannISriV7AchAZ9WUDr+SHSaQNEJ7ieeNGTa7F
+gJ1+he+b4Yhn/lg88gfWgFGXssgAcFWN24kwrXLckyEs0yATFYXoYKBTLAy+RGtS
+SoxWynFCwPUgKh48ntg5ixxgQkGTfWWT4sQTBDmseOTQqtPI4rIeLi+F1QkDNtNJ
+Ykh0AgThFUQyfQo5U8mRhja09VH26py21ixQtiHip5YHDo5O+kquTAdMvsxRJwOP
+0QxcsQ9dwbEnmCga4R1ovRgpgjukUvMCAwEAAaOB+zCB+DAJBgNVHRMEAjAAMA4G
+A1UdDwEB/wQEAwIF4DAgBgNVHSUBAf8EFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+VAYDVR0jBE0wS4AUgfeZWxC5yIze81Je6k5poEM+rN2hMKQuMCwxDjAMBgNVBAsM
+BU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVU4IBBzAdBgNVHQ4EFgQU
+dqzcMO4LYabneetqEM+7SLQjd/YwRAYDVR0RBD0wO4IIZG1hYXAtYmOCIGRtYWFw
+LWJjLmFwaS5zaW1wbGVkZW1vLm9uYXAub3Jngg1kbWFhcC1iYy5vbmFwMA0GCSqG
+SIb3DQEBCwUAA4IBAQBRC/5AB+KljMFKTGO6GYqwD21Sh5IbofpeUTAqFsg79l+q
+/tehho2y/5ZfccL1ChBm09QY2Xit1ObWqOTEQmchNxhKCLfrSEi3/r9tYwqf698u
+3DIprR0Y24ShNw9nAejmNQ8GfPiLhtQ8wPLvNrpUTguC8xKgVqX0VEWLSRNBIVL1
+IiKcamhvuj3t5Sp9PIP02Ig1DvB5lnCJkA+XBCN3B8qTRltTA/FHHMDiDRShWX/V
+XjLZm7tvuyWQYddrSgEfJVClQtVDYnfRGmpGAsR4Mqxg3l0SojRpiEfiKBwVn3dj
+7ScB3lVlq5cUyS45NbSK0p/Ln24t4ahknPw1/W44
+-----END CERTIFICATE-----
diff --git a/certs/key.pem b/certs/key.pem
new file mode 100644
index 0000000..626808e
--- /dev/null
+++ b/certs/key.pem
@@ -0,0 +1,34 @@
+Bag Attributes
+    friendlyName: dmaap-bc@dmaap-bc.onap.org
+    localKeyID: 54 69 6D 65 20 31 35 35 33 32 37 36 32 35 39 35 31 37 
+Key Attributes: <No Attributes>
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIF5PqSgjMov0CAggA
+MBQGCCqGSIb3DQMHBAixJfKmWd1DMgSCBMjTM5MC/ph+HtvXlN2+UuYTJ2wgobmn
+jsNJPEjbRgljxn+hK5MAPwXMwIHqjfYU+OArQjnpkrZmp+FOQf3wLum12u/Nk7/B
+IjBQqNum6NXdWdv6+ldhW9SEwSO1ILSogF12A3KuJA9B4E9z0MvyduRVDxFFiEjX
+sWR3p6DlUCzaazU6QzxKY7tn4LPv3mQDUJpARdMFfEha/Pd9b7lnpHu5p1UjyzPu
+8SZQ5ygwdsFmyxmzqn/zQwDT6l4XHkLxvtHJWtQ2I2wyNMIHJB14rlLzqputKU6C
+yErm6uazN+sVzYjsJblJ3CMK9ugbeeg4sLyz6rsl3aZMhHG++EPAh99JXMVE4/2l
+ShzKPwO+BKqfIp8tSYgpHUKo64nwtTqRYZ3eEVRkDaOIaff9faXsM90wKzzQbVC5
+c/M9rOkwB+OVwC5HWGcZQMKc1a4VFPe/jv/ULlFQEiyxEliCTdNMmFA6cG3qRv8B
+M9p3rNg6xAWny3rS0n47JhJalD8Fn05Pevyr4OSMsLJXt673S+uFCCx2r86H7sw6
+PWdNmD9OWOr4BSBRiD/oe3U+lgZp361W/ueyuDORbyLwlMA/aMvDKDJmmn9Ah9Qs
+X4hBWUO7GUw0N+uVC71QhGPhPheG9BmawXAByPCDVf6UAAGnruzcqnE1MVmdAFw0
+OEW21fLXpYVrMyA2QOtjPnutN/KVUVjI1ly9lwgnnkDMUWoEKKXIBHBXv2kMTLeD
+xKCMjd7vO6VjzumnwuX9opPME1pFN8IaN7YqkK8K4Rp43FiVl0GcShLr8oRAqhBN
+QCW42DRFoEr1xyzgZQ4S8A1GV4EfAZytg+saD6S+0UQtEQXrRHFhIK8Yo6r5JxP6
+eN7A41WHkmz1gcp3WwE/oRymA9E54jxPvtGOvoYi6Y2PNP0XqJLaq97moUC9N2YR
+Ssie7RJ3N1qMmo2auxRzMcZjt/HlQo8qI0FJeM1uv+CIZbslCGWFrQ/tEt13KCjX
+mE0PBy8yLZuTM5gLSdK3qy6s5sw7ekEYYYvt/boe8puM/i/eEEHtIq/EXvJ9ub4W
+jeM/uI0ajxhiS06bYMzdfmqsYLgpGlzERHCbf0o26s3CVPug+GWyVaxwohBG5Dpq
+wmLsAeqVyULKaEOuruGmmrUL2mAiFYxVbTNR9xg5MX1jV8dduTshvBJGsqBBCl6m
+2vct4Beev77b9jP7FMUuHlXp4wDeFkY5s34Jqd35zt1iDKnZvbbDL1f/Ilf3G/Ab
+n2XED6DfsjNSxNB06zMJ0h15aW+XDZ9XodqL45YSjAT28Jlp+2oqLv5+8b+l0JGF
+CdeMP6YRRzGYBJ4g9GoP7AQK6Ba2bo9oPeTxO9nJiPTtcJAI3PtOte9su7C6ZBtt
+IOUM5w+lpsZ/0ekQC3jURAAlpcx73sYqwsSqz8YX5cmhqGGLcpsFipmJvkEv9oMP
+J/BWNn/rd16Gx+74j1U29IselWCXz2N+Un5Ke5n0J5oGJx42d1Vxaj97HSamvd25
+0+GyGEMd9hQZjEdlyYRtwuSEECtwQnBBSWZezYW41HClyZ1ZpfCkXXAFGgX5COuj
+5Bfp9vDfQkIny6kH9rRyXLSAJb9ISLENH3jjY2rwV0+0UvR6Un2rgTp8HxBClJyf
+cbE=
+-----END ENCRYPTED PRIVATE KEY-----
diff --git a/dmaap-bc/misc/org.onap.dmaap-bc.cred.props b/certs/org.onap.dmaap-bc.cred.props
similarity index 100%
rename from dmaap-bc/misc/org.onap.dmaap-bc.cred.props
rename to certs/org.onap.dmaap-bc.cred.props
diff --git a/dmaap-bc/misc/org.onap.dmaap-bc.crontab.sh b/certs/org.onap.dmaap-bc.crontab.sh
similarity index 100%
rename from dmaap-bc/misc/org.onap.dmaap-bc.crontab.sh
rename to certs/org.onap.dmaap-bc.crontab.sh
diff --git a/dmaap-bc/misc/org.onap.dmaap-bc.jks b/certs/org.onap.dmaap-bc.jks
similarity index 100%
rename from dmaap-bc/misc/org.onap.dmaap-bc.jks
rename to certs/org.onap.dmaap-bc.jks
diff --git a/dmaap-bc/misc/org.onap.dmaap-bc.keyfile b/certs/org.onap.dmaap-bc.keyfile
similarity index 100%
rename from dmaap-bc/misc/org.onap.dmaap-bc.keyfile
rename to certs/org.onap.dmaap-bc.keyfile
diff --git a/dmaap-bc/misc/org.onap.dmaap-bc.location.props b/certs/org.onap.dmaap-bc.location.props
similarity index 100%
rename from dmaap-bc/misc/org.onap.dmaap-bc.location.props
rename to certs/org.onap.dmaap-bc.location.props
diff --git a/dmaap-bc/misc/org.onap.dmaap-bc.p12 b/certs/org.onap.dmaap-bc.p12
similarity index 100%
rename from dmaap-bc/misc/org.onap.dmaap-bc.p12
rename to certs/org.onap.dmaap-bc.p12
diff --git a/dmaap-bc/misc/org.onap.dmaap-bc.props b/certs/org.onap.dmaap-bc.props
similarity index 100%
rename from dmaap-bc/misc/org.onap.dmaap-bc.props
rename to certs/org.onap.dmaap-bc.props
diff --git a/dmaap-bc/misc/org.onap.dmaap-bc.showpass b/certs/org.onap.dmaap-bc.showpass
similarity index 100%
rename from dmaap-bc/misc/org.onap.dmaap-bc.showpass
rename to certs/org.onap.dmaap-bc.showpass
diff --git a/dmaap-bc/misc/org.onap.dmaap-bc.trust.jks b/certs/org.onap.dmaap-bc.trust.jks
similarity index 100%
rename from dmaap-bc/misc/org.onap.dmaap-bc.trust.jks
rename to certs/org.onap.dmaap-bc.trust.jks
diff --git a/dbc-client/misc/dbc-client b/dbc-client/misc/dbc-client
index 8df970c..775f719 100644
--- a/dbc-client/misc/dbc-client
+++ b/dbc-client/misc/dbc-client
@@ -35,6 +35,12 @@ REQUESTID=${REQUESTID:-dbc-client}
 DBC=${DBC:-dmaap-bc}
 PROTO=${PROTO:-https}
 PORT=${PORT:-8443}
+WAIT_TO_EXIT=${WAIT_TO_EXIT:-N}
+PEMDIR=${PEMDIR:-/opt/app/osaaf/local}
+CAPEM=${CAPEM:-ca.pem}
+CLIENTPEM=${CLIENTPEM:-client.pem}
+KEYPEM=${KEYPEM:-key.pem}
+CERTPWD=${CERTPWD:-"2U[iOZzMHI:.#tdCwlBqc;}S"}
 
 
 
@@ -47,6 +53,18 @@ config() {
 		echo "Expected app root directory $APP_ROOT does not exist"
 		exit 1
 	fi
+	cd $PEMDIR
+	pwd
+	ls -l
+	if [ -f $CAPEM  -a -f $CLIENTPEM -a -f $KEYPEM ]
+	then
+		echo "--key $PEMDIR/$KEYPEM --cacert $PEMDIR/$CAPEM --cert $PEMDIR/${CLIENTPEM}:${CERTPWD}" > $PEMDIR/curl.cred
+		CURLCRED="-K $PEMDIR/curl.cred"
+	else
+		echo "Warning: PEM files for authorization not found!"
+		CURLCRED=""
+	fi
+	echo "CURLCRED=$CURLCRED"
 	cd $APP_ROOT
 	find . -type f -exec ls -l {} \;
 	find $CONFIGMAP_ROOT -type f -exec ls -l {} \;
@@ -57,7 +75,7 @@ config() {
 		source $CONTAINER_CONFIG
 	fi
 
-	if [ "$DMAAPBC_WAIT_TO_EXIT" != "Y" ]
+	if [ "$WAIT_TO_EXIT" != "Y" ]
 	then
 		echo "Creating $APP_ROOT/ok_to_exit so no waiting..."
 		> $APP_ROOT/ok_to_exit
@@ -70,6 +88,7 @@ config() {
 
 
 init() {
+	set -x
 	echo "ENTER init"
 	if [ ! -d $CONFIGMAP_ROOT ]
 	then
@@ -82,18 +101,20 @@ init() {
 	while [ $rc != "200" ]
 	do
 		sleep 10
-		rc=`curl -s -o /dev/null -I -w "%{http_code}" -X GET -H "X-ECOMP-RequestID: $REQUESTID" -H "Content-Type: application/json" ${PROTO}://${DBC}:${PORT}/webapi/dmaap`
+		rc=`curl $CURLCRED -s -o /dev/null -I -w "%{http_code}" -X GET -H "X-ECOMP-RequestID: $REQUESTID" -H "Content-Type: application/json" ${PROTO}://${DBC}:${PORT}/webapi/dmaap`
 		echo "get dmaap response=${rc}"
 	done
+	set +x
 }
 dopost() {
+	set -x
 	RETRY_TIME=60
 
 	loop=true
 
 	while [ $loop = true ]
 	do
-		rc=`curl -s -X POST -w "%{http_code}" -H "X-ECOMP-RequestID: $REQUESTID" -H "Content-Type: application/json" -d @${1} ${PROTO}://${DBC}:${PORT}/webapi/${2} -o /dev/null`
+		rc=`curl $CURLCRED -s -X POST -w "%{http_code}" -H "X-ECOMP-RequestID: $REQUESTID" -H "Content-Type: application/json" -d @${1} ${PROTO}://${DBC}:${PORT}/webapi/${2} -o /dev/null`
 		case $rc in
 		200 | 201 | 409 )
 			echo "response=$rc"
@@ -105,10 +126,12 @@ dopost() {
 			;;
 		esac
 	done
+	set +x
 
 }
 doprov() {
 
+	set -x
 	cd $CONFIGMAP_ROOT
 	pwd
 	# order is important in this next list
@@ -123,6 +146,7 @@ doprov() {
 			done
 		fi
 	done
+	set +x
 }
 delay() {
 	echo "DELAY=$DELAY"
@@ -132,7 +156,6 @@ delay() {
 	fi
 }
 
-set -x
 delay
 config
 init
diff --git a/dbc-client/pom.xml b/dbc-client/pom.xml
index 9257263..83c1d05 100644
--- a/dbc-client/pom.xml
+++ b/dbc-client/pom.xml
@@ -112,6 +112,25 @@
                             <include>Dockerfile</include>
                         </includes>
                 </resource>
+                 <resource>
+                    <targetPath>${basedir}/target/docker-stage/opt/app/dbc-client/etc</targetPath>
+                    <directory>${multiproject.basedir}/certs</directory>
+                        <includes>
+                          <include>org.onap.dmaap-bc.cred.props</include>
+                          <include>org.onap.dmaap-bc.crontab.sh</include>
+                          <include>org.onap.dmaap-bc.jks</include>
+                          <include>org.onap.dmaap-bc.keyfile</include>
+                          <include>org.onap.dmaap-bc.location.props</include>
+                          <include>org.onap.dmaap-bc.p12</include>
+                          <include>org.onap.dmaap-bc.props</include>
+                          <include>org.onap.dmaap-bc.showpass</include>
+                          <include>org.onap.dmaap-bc.trust.jks</include>
+			  <include>ca.pem</include>
+                          <include>client.pem</include>
+			  <include>key.pem</include>
+                        </includes>
+                </resource>
+
                  <resource>
                     <targetPath>${basedir}/target/docker-stage/opt/app/dbc-client/bin</targetPath>
                     <directory>${basedir}/misc</directory>
@@ -120,7 +139,7 @@
                         </includes>
                 </resource>
                  <resource>
-                    <targetPath>${basedir}/target/docker-stage/opt/app/dmaapbc/etc</targetPath>
+                    <targetPath>${basedir}/target/docker-stage/opt/app/dbc-client/etc</targetPath>
                     <directory>${basedir}</directory>
                         <includes>
                             <include>version.properties</include>
@@ -251,7 +270,7 @@
     <jettyVersion>9.4.12.RC2</jettyVersion>
     <eelf.version>1.0.0</eelf.version>
     <swagger.version>1.5.19</swagger.version>
-    <artifact.version>1.0.5</artifact.version>
+    <artifact.version>1.0.6</artifact.version>
     <!--  SONAR  -->
     <jacoco.version>0.7.7.201606060606</jacoco.version>
     <sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version>
diff --git a/dbc-client/src/main/resources/Dockerfile b/dbc-client/src/main/resources/Dockerfile
index 90cd7f9..9baa481 100644
--- a/dbc-client/src/main/resources/Dockerfile
+++ b/dbc-client/src/main/resources/Dockerfile
@@ -35,11 +35,15 @@ RUN update-ca-certificates
 # Install curl
 RUN apk add --no-cache curl
 
-RUN apk add --no-cache curl
+# Install client certs for curl and openssl
+RUN apk add --no-cache openssl
+RUN mkdir -p /opt/app/osaaf/local  && \
+    mv etc/org.onap.dmaap-bc.p12 /opt/app/osaaf/local && \
+    mv etc/*.pem /opt/app/osaaf/local
 
 RUN chmod +x /opt/app/dbc-client/bin/* && \
     mkdir /opt/app/dbc-client/logs
 
 VOLUME /opt/app/dbc-client/log
 
-ENTRYPOINT ["sh", "./bin/dbc-client", "deploy"]
+ENTRYPOINT ["sh", "./bin/dbc-client" ]
diff --git a/dbc-client/version.properties b/dbc-client/version.properties
index 3de14e0..dadd8a9 100644
--- a/dbc-client/version.properties
+++ b/dbc-client/version.properties
@@ -27,7 +27,7 @@
 
 major=1
 minor=0
-patch=5
+patch=6
 base_version=${major}.${minor}.${patch}
 
 # Release must be completed with git revision # in Jenkins
diff --git a/dmaap-bc/pom.xml b/dmaap-bc/pom.xml
index 24f9e42..8252249 100644
--- a/dmaap-bc/pom.xml
+++ b/dmaap-bc/pom.xml
@@ -187,10 +187,8 @@
                 </resource>
                  <resource>
                     <targetPath>${basedir}/target/docker-stage/opt/app/dmaapbc/etc</targetPath>
-                    <directory>${basedir}/misc</directory>
+                    <directory>${multiproject.basedir}/certs</directory>
                         <includes>
-                          <include>LocalKey</include>
-                          <include>logback.xml</include>
                           <include>org.onap.dmaap-bc.cred.props</include>
                           <include>org.onap.dmaap-bc.crontab.sh</include>
                           <include>org.onap.dmaap-bc.jks</include>
@@ -201,6 +199,22 @@
                           <include>org.onap.dmaap-bc.showpass</include>
                           <include>org.onap.dmaap-bc.trust.jks</include>
                         </includes>
+                </resource>
+                 <resource>
+                    <targetPath>${basedir}/target/docker-stage/opt/app/dmaapbc/misc</targetPath>
+                    <directory>${multiproject.basedir}/misc</directory>
+                        <includes>
+                            <include>cert-client-init.sh</include>
+                            <include>aaf-ca.crt</include>
+                        </includes>
+                </resource>
+                 <resource>
+                    <targetPath>${basedir}/target/docker-stage/opt/app/dmaapbc/etc</targetPath>
+                    <directory>${basedir}/misc</directory>
+                        <includes>
+                          <include>LocalKey</include>
+                          <include>logback.xml</include>
+                        </includes>
                 </resource>
                  <resource>
                     <targetPath>${basedir}/target/docker-stage/opt/app/dmaapbc/etc</targetPath>
@@ -216,14 +230,6 @@
                             <include>opensource.env</include>
                             <include>*.tmpl</include>
                         </includes>
-                </resource>
-                 <resource>
-                    <targetPath>${basedir}/target/docker-stage/opt/app/dmaapbc/misc</targetPath>
-                    <directory>${multiproject.basedir}/misc</directory>
-                        <includes>
-                            <include>cert-client-init.sh</include>
-                            <include>aaf-ca.crt</include>
-                        </includes>
                 </resource>
                  <resource>
                     <targetPath>${basedir}/target/docker-stage/opt/app/dmaapbc/bin</targetPath>
@@ -463,7 +469,7 @@
     <jettyVersion>9.4.12.RC2</jettyVersion>
     <eelf.version>1.0.0</eelf.version>
     <swagger.version>1.5.19</swagger.version>
-    <artifact.version>1.1.2</artifact.version>
+    <artifact.version>1.1.3</artifact.version>
     <!--  SONAR  -->
     <jacoco.version>0.7.7.201606060606</jacoco.version>
     <sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version>
diff --git a/dmaap-bc/version.properties b/dmaap-bc/version.properties
index 85e1bd1..635e84d 100644
--- a/dmaap-bc/version.properties
+++ b/dmaap-bc/version.properties
@@ -27,7 +27,7 @@
 
 major=1
 minor=1
-patch=2
+patch=3
 base_version=${major}.${minor}.${patch}
 
 # Release must be completed with git revision # in Jenkins
-- 
2.16.6