From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Fri, 2 Apr 2021 08:02:05 +0000 (+0200)
Subject: [GLOBAL] Don't try to set keypassword when storetype is PKCS12
X-Git-Tag: 9.0.0~325^2
X-Git-Url: https://gerrit.onap.org/r/gitweb?p=oom.git;a=commitdiff_plain;h=a3854762a4d22de46cb56c52a5d9c401dfad6680

[GLOBAL] Don't try to set keypassword when storetype is PKCS12

It seems that for PKCS12 stores there is no keypassword so we are
getting this error in our logs:

keytool error: java.lang.UnsupportedOperationException:
-keypasswd commands not supported if -storetype is PKCS12

Let's fix this by just not trying to set key password for PKCS12 stores.

Issue-ID: OOM-1
Change-Id: I8f4cc5a0b54029b3c1baa83b61092942e34ffab2
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
---

diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml
index 7892142de3..489b4da318 100644
--- a/kubernetes/a1policymanagement/values.yaml
+++ b/kubernetes/a1policymanagement/values.yaml
@@ -56,11 +56,6 @@ certInitializer:
     keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
       -storepass "${cadi_truststore_password}" \
       -keystore {{ .Values.fqi_namespace }}.trust.jks
-    echo "*** set key password as same password as keystore password"
-    keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
-      -keystore {{ .Values.fqi_namespace }}.p12 \
-      -keypass "${cadi_keystore_password_p12}" \
-      -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
     echo "*** save the generated passwords"
     echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
     echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index 7509cb3bd6..b84139161e 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -147,11 +147,6 @@ certInitializer:
     keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \
       -storepass "${cadi_truststore_password}" \
       -keystore {{ .Values.fqi_namespace }}.trust.jks
-    echo "*** set key password as same password as keystore password"
-    keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
-      -keystore {{ .Values.fqi_namespace }}.p12 \
-      -keypass "${cadi_keystore_password_p12}" \
-      -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
     echo "*** save the generated passwords"
     echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
     echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop
diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml
index 253f9b9e93..38011a0c98 100644
--- a/kubernetes/aai/components/aai-traversal/values.yaml
+++ b/kubernetes/aai/components/aai-traversal/values.yaml
@@ -133,11 +133,6 @@ certInitializer:
     keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \
       -storepass "${cadi_truststore_password}" \
       -keystore {{ .Values.fqi_namespace }}.trust.jks
-    echo "*** set key password as same password as keystore password"
-    keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
-      -keystore {{ .Values.fqi_namespace }}.p12 \
-      -keypass "${cadi_keystore_password_p12}" \
-      -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
     echo "*** save the generated passwords"
     echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
     echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop
diff --git a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml
index f27f4bac79..f44faa1059 100644
--- a/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml
+++ b/kubernetes/holmes/components/holmes-engine-mgmt/values.yaml
@@ -55,11 +55,6 @@ certInitializer:
     keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
       -storepass "${cadi_truststore_password}" \
       -keystore {{ .Values.fqi_namespace }}.trust.jks
-    echo "*** set key password as same password as keystore password"
-    keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
-      -keystore {{ .Values.fqi_namespace }}.p12 \
-      -keypass "${cadi_keystore_password_p12}" \
-      -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
     echo "*** save the generated passwords"
     echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
     echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop
diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
index 91998f3809..9e2b656150 100644
--- a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
+++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml
@@ -55,11 +55,6 @@ certInitializer:
     keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
       -storepass "${cadi_truststore_password}" \
       -keystore {{ .Values.fqi_namespace }}.trust.jks
-    echo "*** set key password as same password as keystore password"
-    keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \
-      -keystore {{ .Values.fqi_namespace }}.p12 \
-      -keypass "${cadi_keystore_password_p12}" \
-      -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }}
     echo "*** save the generated passwords"
     echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
     echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop