HTTPS calls for sdc-onboarding

Implement HTTPS calls into sdc-onboarding
-Added p12 keystore certificate.
-Updated application configuration.
-Added trust-store.

Issue-ID: SDC-2498
Signed-off-by: Robert Bogacki <r.bogacki@samsung.com>
Signed-off-by: Krystian Kedron <k.kedron@partner.samsung.com>
Change-Id: Ia96c42cddee5fd94014963c9d2f584b098693a9a

diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb
index 844af46..566047d 100644 (file)
--- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb
+++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb
@@ -5,9 +5,9 @@ default['FE'][:http_port] = 8181
 default['FE'][:https_port] = 9443
 default['disableHttp'] = true
 default['cassandra'][:truststore_password] = "Aa123456"
-default['jetty'][:keystore_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok"
-default['jetty'][:keymanager_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok"
-default['jetty'][:truststore_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok"
+default['jetty'][:keystore_pwd] = "rTIS;B4kM]2GHcNK2c3B4&Ng"
+default['jetty'][:keymanager_pwd] = "rTIS;B4kM]2GHcNK2c3B4&Ng"
+default['jetty'][:truststore_pwd] = "Y,f975ZNJfVZhV*{+Y[}pA?0"
 default['VnfRepo']['vnfRepoPort'] = 8702
 default['VnfRepo']['vnfRepoHost'] = "192.168.50.5"
 
@@ -19,7 +19,6 @@ default['cassandra']['socket_read_timeout'] = 20000
 default['cassandra']['socket_connect_timeout'] = 20000
 default['cassandra']['janusgraph_connection_timeout'] = 10000
 
-
 #ExternalTesting
 default['EXTTEST']['ep1_config'] = "vtp,VTP,true,http://192.168.50.5:8702/onapapi/vnfsdk-marketplace,c.*"
 default['EXTTEST']['ep2_config'] = "repository,Repository,false,,.*"

diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/keystore b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/keystore
deleted file mode 100644 (file)
index c408393..0000000
Binary files a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/keystore and /dev/null differ

diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12 b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12
new file mode 100644 (file)
index 0000000..ee000dc
Binary files /dev/null and b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12 differ

diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks
new file mode 100644 (file)
index 0000000..342c4f2
Binary files /dev/null and b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks differ

diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/truststore b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/truststore
deleted file mode 100644 (file)
index c408393..0000000
Binary files a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/truststore and /dev/null differ

diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_2_locate_keystore.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_2_locate_keystore.rb
index 25f5d4f..e482b69 100644 (file)
--- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_2_locate_keystore.rb
+++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_2_locate_keystore.rb
@@ -6,15 +6,15 @@ directory "Jetty_etcdir_creation" do
        action :create
 end
        
-cookbook_file "#{ENV['JETTY_BASE']}/etc/keystore" do
-   source "keystore"
+cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.p12" do
+   source "org.onap.sdc.p12"
    owner "jetty"
    group "jetty"
    mode 0755
 end
 
-cookbook_file "#{ENV['JETTY_BASE']}/etc/truststore" do
-   source "truststore"
+cookbook_file "#{ENV['JETTY_BASE']}/etc/org.onap.sdc.trust.jks" do
+   source "org.onap.sdc.trust.jks"
    owner "jetty"
    group "jetty"
    mode 0755

diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ready-probe.sh.erb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ready-probe.sh.erb
index 4e58227..60148e0 100644 (file)
--- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ready-probe.sh.erb
+++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ready-probe.sh.erb
@@ -1,6 +1,6 @@
 #!/bin/bash
 <% if node[:disableHttp] -%>
-health_Check_http_code=$(curl --max-time 5 -o /dev/null -w '%{http_code}' -X GET --header "USER_ID: cs0008" --header "Accept: application/json" "http://127.0.0.1:<%= @ssl_port %>/onboarding-api/v1.0/healthcheck")
+health_Check_http_code=$(curl --max-time 5 -o /dev/null -w '%{http_code}' -X GET --header "USER_ID: cs0008" --header "Accept: application/json" "https://127.0.0.1:<%= @ssl_port %>/onboarding-api/v1.0/healthcheck")
 <% else %>
 health_Check_http_code=$(curl --max-time 5 -o /dev/null -w '%{http_code}' -X GET --header "USER_ID: cs0008" --header "Accept: application/json" "http://127.0.0.1:<%= @onboard_port %>/onboarding-api/v1.0/healthcheck")
 <% end -%>

diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb
index 1f1ff5d..278fdea 100644 (file)
--- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb
+++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb
@@ -42,10 +42,10 @@ jetty.ssl.port=<%= @https_port %>
 ## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html
 
 ## Keystore file path (relative to $jetty.base)
-# jetty.sslContext.keyStorePath=etc/keystore
+jetty.sslContext.keyStorePath=etc/org.onap.sdc.p12
 
 ## Truststore file path (relative to $jetty.base)
-#jetty.sslContext.trustStorePath=etc/truststore
+jetty.sslContext.trustStorePath=etc/org.onap.sdc.trust.jks
 
 ## Keystore password
 # jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4