Gitiles
Code Review Sign In
gerrit.nordix.org / onap / integration / csit / 13b7d05f2c457cea4a5f78fe4dbb6d1d99a6f450^! / . / plans / aaf / certservice / setup.sh
commit13b7d05f2c457cea4a5f78fe4dbb6d1d99a6f450[log] [tgz]
authorAleksandra Maciaga <aleksandra.maciaga@nokia.com>Thu Mar 26 17:28:47 2020 +0100
committerMichal Banka <michal.banka@nokia.com>Fri Apr 03 15:16:10 2020 +0200
tree73792f6f545cb89f4cff29e31e029c06c7909c4e
parent1ebe7ecef97bdac055c8ed67c5b379a4f6c89c4c [diff] [blame]
Change AAF Certservice CSITs to send requests via HTTPS

Signed-off-by: Aleksandra Maciaga <aleksandra.maciaga@nokia.com>
Signed-off-by: Michal Banka <michal.banka@nokia.com>
Change-Id: Ia7b5d8d548f4ae3727302772fc56e6b0142b0da0
Issue-ID: AAF-1084

diff --git a/plans/aaf/certservice/setup.sh b/plans/aaf/certservice/setup.sh
index 93d65f7..b23b719 100644
--- a/plans/aaf/certservice/setup.sh
+++ b/plans/aaf/certservice/setup.sh

@@ -71,15 +71,26 @@
 export CONFIGURATION_PATH=${CONFIGURATION_PATH}
 export SCRIPTS_PATH=${SCRIPTS_PATH}
 
+#Generate keystores, truststores, certificates and keys
+mkdir -p ${WORKSPACE}/tests/aaf/certservice/assets/certs/
+make all -C ./certs/
+cp ${WORKSPACE}/plans/aaf/certservice/certs/root.crt ${WORKSPACE}/tests/aaf/certservice/assets/certs/root.crt
+echo "Generated keystores"
+openssl pkcs12 -in ${WORKSPACE}/plans/aaf/certservice/certs/certServiceServer-keystore.p12 -clcerts -nokeys -password pass:secret | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ${WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.crt
+echo "Generated server certificate"
+openssl pkcs12 -in ${WORKSPACE}/plans/aaf/certservice/certs/certServiceServer-keystore.p12 -nocerts -nodes -password pass:secret| sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > ${WORKSPACE}/tests/aaf/certservice/assets/certs/certServiceServer.key
+echo "Generated server key"
+
 docker-compose up -d
 
 AAFCERT_IP='none'
 # Wait container ready
 for i in {1..9}
 do
-   AAFCERT_IP=`get-instance-ip.sh aafcert`
-   RESP_CODE=$(curl -I -s -o /dev/null -w "%{http_code}"  http://${AAFCERT_IP}:8080/actuator/health)
-   if [[ "$RESP_CODE" == '200' ]]; then
+   AAFCERT_IP=`get-instance-ip.sh aafcert-service`
+   RESP_CODE=$(curl -s https://localhost:8443/actuator/health --cacert ./certs/root.crt --cert-type p12 --cert ./certs/certServiceServer-keystore.p12 --pass secret | \
+   python2 -c 'import json,sys;obj=json.load(sys.stdin);print obj["status"]')
+   if [[ "$RESP_CODE" == "UP" ]]; then
        echo 'AAF Cert Service is ready'
        export AAFCERT_IP=${AAFCERT_IP}
        docker exec aafcert-ejbca /opt/primekey/scripts/ejbca-configuration.sh