Copy Keystore to PE for TLS Support
Added copy of drools keystore to config/pe so that container has
a copy of the self-signed cert to enable TLS encrpytion with automatic
install process. Added copy to do-start.sh to install keystore in final
destination in pap container.
Issue-ID: POLICY-520
Change-Id: Ie6394b5b79ec98cfa6231c46b21a0b4bfb20869a
Signed-off-by: Temoc Rodriguez <cr056n@att.com>
diff --git a/config/pe/policy-keystore b/config/pe/policy-keystore
new file mode 100644
index 0000000..ab25c3a
--- /dev/null
+++ b/config/pe/policy-keystore
Binary files differ
diff --git a/policy-pe/do-start.sh b/policy-pe/do-start.sh
index ab8e5a1..614ad1e 100644
--- a/policy-pe/do-start.sh
+++ b/policy-pe/do-start.sh
@@ -28,7 +28,7 @@
echo "Found existing installation, will not reinstall"
. /opt/app/policy/etc/profile.d/env.sh
-else
+else
if [[ -d config ]]; then
cp config/*.conf .
fi
@@ -44,10 +44,10 @@
. /opt/app/policy/etc/profile.d/env.sh
- # install keystore
- #changed to use http instead of http, so keystore no longer needed
- #cp config/policy-keystore.jks $POLICY_HOME/etc/ssl/policy-keystore
-
+ # install policy keystore
+ mkdir -p $POLICY_HOME/etc/ssl
+ cp config/policy-keystore $POLICY_HOME/etc/ssl
+
if [[ -f config/$container-tweaks.sh ]] ; then
# file may not be executable; running it as an
# argument to bash avoids needing execute perms.