[SDC-DISTRO-CLIENT] SSL config updates

Signed-off-by: efiacor <fiachra.corcoran@est.tech>
Change-Id: Iacaf5072241e56bf72db13acef0f533814ae8989
Issue-ID: SDC-4476
diff --git a/sdc-distribution-ci/etc/sdc-user-keystore.jks b/sdc-distribution-ci/etc/sdc-user-keystore.jks
new file mode 100644
index 0000000..7c3c72a
--- /dev/null
+++ b/sdc-distribution-ci/etc/sdc-user-keystore.jks
Binary files differ
diff --git a/sdc-distribution-ci/etc/sdc-user-truststore.jks b/sdc-distribution-ci/etc/sdc-user-truststore.jks
new file mode 100644
index 0000000..d1fb017
--- /dev/null
+++ b/sdc-distribution-ci/etc/sdc-user-truststore.jks
Binary files differ
diff --git a/sdc-distribution-ci/src/main/java/org/onap/test/core/config/DistributionClientConfig.java b/sdc-distribution-ci/src/main/java/org/onap/test/core/config/DistributionClientConfig.java
index f229216..fc818fd 100644
--- a/sdc-distribution-ci/src/main/java/org/onap/test/core/config/DistributionClientConfig.java
+++ b/sdc-distribution-ci/src/main/java/org/onap/test/core/config/DistributionClientConfig.java
@@ -34,8 +34,14 @@
     public static final int DEFAULT_POLLING_INTERVAL = 20;
     public static final int DEFAULT_POLLING_TIMEOUT = 20;
     public static final String DEFAULT_USER = "dcae";
-    public static final String DEFAULT_KEY_STORE_PATH = "etc/sdc-client.jks";
-    public static final String DEFAULT_KEY_STORE_PASSWORD = "Aa123456";
+    private String keyStorePath;
+    private String keyStorePassword;
+    public static final String DEFAULT_KEY_STORE_PATH = "etc/sdc-user-keystore.jks";
+    public static final String DEFAULT_KEY_STORE_PASSWORD = "zreRDCnNLsZ7";
+    public static final String DEFAULT_TRUST_STORE_PATH = "etc/sdc-user-truststore.jks";
+    public static final String DEFAULT_TRUST_STORE_PASSWORD = "changeit";
+    public String trustStorePath;
+    public String trustStorePassword;
     public static final boolean DEFAULT_ACTIVATE_SERVER_TLS_AUTH = false;
     public static final boolean DEFAULT_IS_FILTER_IN_EMPTY_RESOURCES = true;
     public static final boolean DEFAULT_USE_HTTPS_WITH_SDC = false;
@@ -48,10 +54,6 @@
     private String consumerGroup;
     private String environmentName;
     private String comsumerID;
-    private String keyStorePath;
-    private String keyStorePassword;
-    private final String trustStorePath;
-    private final String trustStorePassword;
     private boolean activateServerTLSAuth;
     private boolean isFilterInEmptyResources;
     private boolean useHttpsWithSDC;
@@ -77,8 +79,8 @@
         this.user = DEFAULT_USER;
         this.keyStorePath = DEFAULT_KEY_STORE_PATH;
         this.keyStorePassword = DEFAULT_KEY_STORE_PASSWORD;
-        this.trustStorePath = DEFAULT_KEY_STORE_PATH;
-        this.trustStorePassword = DEFAULT_KEY_STORE_PASSWORD;
+        this.trustStorePath = DEFAULT_TRUST_STORE_PATH;
+        this.trustStorePassword = DEFAULT_TRUST_STORE_PASSWORD;
         this.activateServerTLSAuth = DEFAULT_ACTIVATE_SERVER_TLS_AUTH;
         this.isFilterInEmptyResources = DEFAULT_IS_FILTER_IN_EMPTY_RESOURCES;
         this.useHttpsWithSDC = DEFAULT_USE_HTTPS_WITH_SDC;
diff --git a/sdc-distribution-ci/src/test/java/org/onap/test/core/service/CustomKafkaContainer.java b/sdc-distribution-ci/src/test/java/org/onap/test/core/service/CustomKafkaContainer.java
index e2eabc1..8de8949 100644
--- a/sdc-distribution-ci/src/test/java/org/onap/test/core/service/CustomKafkaContainer.java
+++ b/sdc-distribution-ci/src/test/java/org/onap/test/core/service/CustomKafkaContainer.java
@@ -33,6 +33,7 @@
         this.externalZookeeperConnect = null;
         this.withExposedPorts(9093);
         this.withEnv("KAFKA_LISTENERS", "PLAINTEXT://0.0.0.0:9093,BROKER://0.0.0.0:9092");
+        this.withEnv("KAFKA_ADVERTISED_LISTENERS", "SSL");
         this.withEnv("KAFKA_LISTENER_SECURITY_PROTOCOL_MAP", "BROKER:PLAINTEXT,PLAINTEXT:PLAINTEXT");
         this.withEnv("KAFKA_INTER_BROKER_LISTENER_NAME", "BROKER");
         this.withEnv("KAFKA_BROKER_ID", "1");
diff --git a/sdc-distribution-client/etc/README.txt b/sdc-distribution-client/etc/README.txt
deleted file mode 100644
index bbbbd07..0000000
--- a/sdc-distribution-client/etc/README.txt
+++ /dev/null
@@ -1,16 +0,0 @@
-keytool -genkeypair -keystore catalogbe.jks -alias catalogbe -keypass Aa123456 -storepass Aa123456  -keyalg RSA -keysize 2048  -validity 3650 -dname "CN=Catalog BE, OU=Development, O=AT&T, L=TLV, C=IL"
-
-
-3650 – 10 years validity
-Eyal Sofer – creator 
-Development – Organization unit
-AT&T – Organization
-TLV- City
-IL – Country code
-
-
-catalogbe.jks – name of keystore
-Aa123456 - password
-
-#In order to generate the password OBF:..., run the following command:
-java -cp ../jetty-distribution-9.2.7.v20150116/lib/jetty-http-9.2.7.v20150116.jar:../jetty-distribution-9.2.7.v20150116/lib/jetty-util-9.2.7.v20150116.jar org.eclipse.jetty.util.security.Password Aa123456
\ No newline at end of file
diff --git a/sdc-distribution-client/etc/sdc-client.jks b/sdc-distribution-client/etc/sdc-client.jks
deleted file mode 100644
index eb0a0d3..0000000
--- a/sdc-distribution-client/etc/sdc-client.jks
+++ /dev/null
Binary files differ
diff --git a/sdc-distribution-client/etc/sdcclientstore.jks b/sdc-distribution-client/etc/sdcclientstore.jks
deleted file mode 100644
index 5dc006d..0000000
--- a/sdc-distribution-client/etc/sdcclientstore.jks
+++ /dev/null
Binary files differ
diff --git a/sdc-distribution-client/src/main/java/org/onap/sdc/http/HttpClientFactory.java b/sdc-distribution-client/src/main/java/org/onap/sdc/http/HttpClientFactory.java
index 94e20fb..ee75102 100644
--- a/sdc-distribution-client/src/main/java/org/onap/sdc/http/HttpClientFactory.java
+++ b/sdc-distribution-client/src/main/java/org/onap/sdc/http/HttpClientFactory.java
@@ -22,6 +22,7 @@
 
 import java.io.FileInputStream;
 import java.io.IOException;
+import java.security.Key;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
@@ -29,6 +30,7 @@
 import java.security.cert.X509Certificate;
 
 import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
@@ -39,10 +41,12 @@
 import org.apache.http.auth.UsernamePasswordCredentials;
 import org.apache.http.client.CredentialsProvider;
 import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
 import org.apache.http.impl.client.BasicCredentialsProvider;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClientBuilder;
 import org.apache.http.ssl.SSLContextBuilder;
+import org.apache.http.ssl.SSLContexts;
 import org.onap.sdc.api.consumer.IConfiguration;
 import org.onap.sdc.utils.Pair;
 
@@ -71,9 +75,7 @@
     }
 
     private Pair<String, CloseableHttpClient> createHttpsClient(IConfiguration configuration) {
-        return new Pair<>(HTTPS,
-                initSSL(configuration.getUser(), configuration.getPassword(), configuration.getKeyStorePath(),
-                        configuration.getKeyStorePassword(), configuration.activateServerTLSAuth()));
+        return new Pair<>(HTTPS, initSSLMtls(configuration));
     }
 
     private Pair<String, CloseableHttpClient> createHttpClient(IConfiguration configuration) {
@@ -84,123 +86,37 @@
                 .setProxy(getHttpProxyHost()).build());
     }
 
-    private CloseableHttpClient initSSL(String username, String password, String keyStorePath, String keyStorePass,
-            boolean isSupportSSLVerification) {
+    private CloseableHttpClient initSSLMtls(IConfiguration configuration) {
 
-        try {
+        try (FileInputStream kis = new FileInputStream(configuration.getKeyStorePath());
+            FileInputStream tis = new FileInputStream(configuration.getTrustStorePath())) {
 
-            // SSLContextBuilder is not thread safe
             CredentialsProvider credsProvider = new BasicCredentialsProvider();
             credsProvider.setCredentials(new AuthScope("localhost", AUTHORIZATION_SCOPE_PORT),
-                    new UsernamePasswordCredentials(username, password));
-            SSLContext sslContext;
-            sslContext = SSLContext.getInstance(TLS);
-            TrustManagerFactory tmf = createTrustManagerFactory();
-            TrustManager[] tms = tmf.getTrustManagers();
-            if (isSupportSSLVerification) {
+                new UsernamePasswordCredentials(configuration.getUser(), configuration.getPassword()));
 
-                if (keyStorePath != null && !keyStorePath.isEmpty()) {
-                    // Using null here initialises the TMF with the default
-                    // trust store.
+            final KeyStore ks = KeyStore.getInstance("JKS");
+            ks.load(kis, configuration.getKeyStorePassword().toCharArray());
+            final KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+            keyManagerFactory.init(ks, configuration.getKeyStorePassword().toCharArray());
 
-                    // Get hold of the default trust manager
-                    X509TrustManager defaultTm = null;
-                    for (TrustManager tm : tmf.getTrustManagers()) {
-                        if (tm instanceof X509TrustManager) {
-                            defaultTm = (X509TrustManager) tm;
-                            break;
-                        }
-                    }
+            final KeyStore ts = KeyStore.getInstance("JKS");
+            ts.load(tis, configuration.getTrustStorePassword().toCharArray());
+            final TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+            trustManagerFactory.init(ts);
 
-                    // Do the same with your trust store this time
-                    // Adapt how you load the keystore to your needs
-                    KeyStore trustStore = loadKeyStore(keyStorePath, keyStorePass);
-
-                    tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
-                    tmf.init(trustStore);
-
-                    // Get hold of the default trust manager
-                    X509TrustManager myTm = null;
-                    for (TrustManager tm : tmf.getTrustManagers()) {
-                        if (tm instanceof X509TrustManager) {
-                            myTm = (X509TrustManager) tm;
-                            break;
-                        }
-                    }
-
-                    // Wrap it in your own class.
-                    final X509TrustManager finalDefaultTm = defaultTm;
-                    final X509TrustManager finalMyTm = myTm;
-                    X509TrustManager customTm = new X509TrustManager() {
-                        @Override
-                        public X509Certificate[] getAcceptedIssuers() {
-                            // If you're planning to use client-cert auth,
-                            // merge results from "defaultTm" and "myTm".
-                            return finalDefaultTm.getAcceptedIssuers();
-                        }
-
-                        @Override
-                        public void checkServerTrusted(X509Certificate[] chain, String authType)
-                                throws CertificateException {
-                            try {
-                                finalMyTm.checkServerTrusted(chain, authType);
-                            } catch (CertificateException e) {
-                                // This will throw another CertificateException
-                                // if this fails too.
-                                finalDefaultTm.checkServerTrusted(chain, authType);
-                            }
-                        }
-
-                        @Override
-                        public void checkClientTrusted(X509Certificate[] chain, String authType)
-                                throws CertificateException {
-                            // If you're planning to use client-cert auth,
-                            // do the same as checking the server.
-                            finalDefaultTm.checkClientTrusted(chain, authType);
-                        }
-                    };
-
-                    tms = new TrustManager[] { customTm };
-
-                }
-
-                sslContext.init(null, tms, null);
-                SSLContext.setDefault(sslContext);
-
-            } else {
-
-                SSLContextBuilder builder = new SSLContextBuilder();
-
-                builder.loadTrustMaterial(null, (chain, authType) -> true);
-
-                sslContext = builder.build();
-            }
-
+            final SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(ts, new TrustSelfSignedStrategy()).loadKeyMaterial(ks, configuration.getKeyStorePassword().toCharArray()).build();
             HostnameVerifier hostnameVerifier = (hostname, session) -> hostname.equalsIgnoreCase(session.getPeerHost());
             SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, new String[] { TLS }, null,
-                    hostnameVerifier);
+                hostnameVerifier);
+
             return HttpClientBuilder.create().setDefaultCredentialsProvider(credsProvider).setProxy(getHttpsProxyHost())
-                    .setSSLSocketFactory(sslsf).build();
+                .setSSLSocketFactory(sslsf).build();
         } catch (Exception e) {
             throw new HttpSdcClientException("Failed to create https client", e);
         }
     }
 
-    private TrustManagerFactory createTrustManagerFactory() throws NoSuchAlgorithmException, KeyStoreException {
-        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
-        tmf.init(DEFAULT_INIT_KEY_STORE_VALUE);
-        return tmf;
-    }
-
-    private KeyStore loadKeyStore(String keyStorePath, String keyStorePass)
-            throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
-        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
-        try (FileInputStream keyStoreData = new FileInputStream(keyStorePath)) {
-            trustStore.load(keyStoreData, keyStorePass.toCharArray());
-        }
-        return trustStore;
-    }
-
     private HttpHost getHttpProxyHost() {
         HttpHost proxyHost = null;
         if (configuration.isUseSystemProxy() && System.getProperty("http.proxyHost") != null
diff --git a/sdc-distribution-client/src/main/java/org/onap/sdc/impl/Configuration.java b/sdc-distribution-client/src/main/java/org/onap/sdc/impl/Configuration.java
index add4185..8841856 100644
--- a/sdc-distribution-client/src/main/java/org/onap/sdc/impl/Configuration.java
+++ b/sdc-distribution-client/src/main/java/org/onap/sdc/impl/Configuration.java
@@ -21,15 +21,14 @@
 package org.onap.sdc.impl;
 
 import java.util.List;
-
 import org.onap.sdc.api.consumer.IConfiguration;
 
 public class Configuration implements IConfiguration {
 
-    private List<String> msgBusAddressList;
+    private String msgBusAddressList;
     private final String kafkaSecurityProtocolConfig;
     private final String kafkaSaslMechanism;
-    private final String kafkaSaslJaasConfig;
+    private String kafkaSaslJaasConfig = null;
     private final int kafkaConsumerMaxPollInterval;
     private final int kafkaConsumerSessionTimeout;
     private String sdcStatusTopicName;
@@ -60,7 +59,9 @@
     public Configuration(IConfiguration other) {
         this.kafkaSecurityProtocolConfig = other.getKafkaSecurityProtocolConfig();
         this.kafkaSaslMechanism = other.getKafkaSaslMechanism();
-        this.kafkaSaslJaasConfig = other.getKafkaSaslJaasConfig();
+        if (!"SSL".equals(this.kafkaSecurityProtocolConfig)) {
+            this.kafkaSaslJaasConfig = other.getKafkaSaslJaasConfig();
+        }
         this.comsumerID = other.getConsumerID();
         this.consumerGroup = other.getConsumerGroup();
         this.pollingInterval = other.getPollingInterval();
@@ -233,11 +234,11 @@
         this.sdcNotificationTopicName = sdcNotificationTopicName;
     }
 
-    public List<String> getMsgBusAddress() {
+    public String getMsgBusAddress() {
         return msgBusAddressList;
     }
 
-    public void setMsgBusAddress(List<String> newMsgBusAddress) {
+    public void setMsgBusAddress(String newMsgBusAddress) {
         msgBusAddressList = newMsgBusAddress;
     }
 
diff --git a/sdc-distribution-client/src/main/java/org/onap/sdc/impl/DistributionClientImpl.java b/sdc-distribution-client/src/main/java/org/onap/sdc/impl/DistributionClientImpl.java
index a34ba1e..0c05b58 100644
--- a/sdc-distribution-client/src/main/java/org/onap/sdc/impl/DistributionClientImpl.java
+++ b/sdc-distribution-client/src/main/java/org/onap/sdc/impl/DistributionClientImpl.java
@@ -30,6 +30,7 @@
 import java.lang.reflect.Type;
 import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
 import java.util.UUID;
@@ -324,7 +325,7 @@
             errorWrapper.setInnerElement(kafkaData.right().value());
         } else {
             KafkaDataResponse kafkaDataResponse = kafkaData.left().value();
-            configuration.setMsgBusAddress(Collections.singletonList(kafkaDataResponse.getKafkaBootStrapServer()));
+            configuration.setMsgBusAddress(kafkaDataResponse.getKafkaBootStrapServer());
             configuration.setNotificationTopicName(kafkaDataResponse.getDistrNotificationTopicName());
             configuration.setStatusTopicName(kafkaDataResponse.getDistrStatusTopicName());
             log.debug("MessageBus cluster info retrieved successfully {}", kafkaData.left().value());
diff --git a/sdc-distribution-client/src/main/java/org/onap/sdc/utils/kafka/KafkaCommonConfig.java b/sdc-distribution-client/src/main/java/org/onap/sdc/utils/kafka/KafkaCommonConfig.java
index 477e677..b285bfe 100644
--- a/sdc-distribution-client/src/main/java/org/onap/sdc/utils/kafka/KafkaCommonConfig.java
+++ b/sdc-distribution-client/src/main/java/org/onap/sdc/utils/kafka/KafkaCommonConfig.java
@@ -19,18 +19,22 @@
  */
 package org.onap.sdc.utils.kafka;
 
+import java.util.Properties;
+import java.util.UUID;
+import org.apache.kafka.clients.CommonClientConfigs;
 import org.apache.kafka.clients.consumer.ConsumerConfig;
 import org.apache.kafka.clients.producer.ProducerConfig;
-import org.apache.kafka.clients.CommonClientConfigs;
 import org.apache.kafka.common.config.SaslConfigs;
 import org.apache.kafka.common.config.SslConfigs;
 import org.onap.sdc.impl.Configuration;
-import java.util.Properties;
-import java.util.UUID;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 public class KafkaCommonConfig {
+    private static final Logger log = LoggerFactory.getLogger(KafkaCommonConfig.class);
+
     private final Configuration configuration;
-    public KafkaCommonConfig(Configuration configuration){
+    public KafkaCommonConfig(Configuration configuration) {
         this.configuration = configuration;
     }
 
@@ -47,7 +51,6 @@
         props.put(ConsumerConfig.ALLOW_AUTO_CREATE_TOPICS_CONFIG, false);
         props.put(ConsumerConfig.AUTO_OFFSET_RESET_CONFIG, "latest");
 
-
         return props;
     }
 
@@ -70,10 +73,10 @@
             props.put(SslConfigs.SSL_TRUSTSTORE_PASSWORD_CONFIG, configuration.getTrustStorePassword());
             props.put(SslConfigs.SSL_TRUSTSTORE_LOCATION_CONFIG, configuration.getTrustStorePath());
             props.put(SslConfigs.SSL_KEYSTORE_PASSWORD_CONFIG, configuration.getKeyStorePassword());
+            props.put(SslConfigs.SSL_ENDPOINT_IDENTIFICATION_ALGORITHM_CONFIG, "");
             props.put(SslConfigs.SSL_KEYSTORE_LOCATION_CONFIG, configuration.getKeyStorePath());
             props.put(SslConfigs.SSL_KEY_PASSWORD_CONFIG, configuration.getKeyStorePassword());
-        }
-        else{
+        } else {
             props.put(SaslConfigs.SASL_JAAS_CONFIG, configuration.getKafkaSaslJaasConfig());
             props.put(SaslConfigs.SASL_MECHANISM, configuration.getKafkaSaslMechanism());
         }
diff --git a/sdc-distribution-client/src/main/java/org/onap/sdc/utils/kafka/SdcKafkaProducer.java b/sdc-distribution-client/src/main/java/org/onap/sdc/utils/kafka/SdcKafkaProducer.java
index b151b23..e0b51eb 100644
--- a/sdc-distribution-client/src/main/java/org/onap/sdc/utils/kafka/SdcKafkaProducer.java
+++ b/sdc-distribution-client/src/main/java/org/onap/sdc/utils/kafka/SdcKafkaProducer.java
@@ -20,18 +20,12 @@
 
 package org.onap.sdc.utils.kafka;
 
-import java.util.List;
 import java.util.Properties;
-import java.util.UUID;
 import java.util.concurrent.Future;
-import org.apache.kafka.clients.CommonClientConfigs;
 import org.apache.kafka.clients.producer.KafkaProducer;
-import org.apache.kafka.clients.producer.ProducerConfig;
 import org.apache.kafka.clients.producer.ProducerRecord;
 import org.apache.kafka.clients.producer.RecordMetadata;
 import org.apache.kafka.common.KafkaException;
-import org.apache.kafka.common.config.SaslConfigs;
-import org.apache.kafka.common.config.SslConfigs;
 import org.onap.sdc.impl.Configuration;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -43,7 +37,7 @@
 
     private static final Logger log = LoggerFactory.getLogger(SdcKafkaProducer.class);
     final KafkaProducer<String, String> producer;
-    private final List<String> msgBusAddresses;
+    private final String msgBusAddresses;
     private final String topicName;
 
     /**
@@ -89,9 +83,9 @@
     }
 
     /**
-     * @return The list kafka endpoints
+     * @return The list of kafka endpoints
      */
-    public List<String> getMsgBusAddresses() {
+    public String getMsgBusAddresses() {
         return msgBusAddresses;
     }
 
diff --git a/sdc-distribution-client/src/test/java/org/onap/sdc/http/HttpClientFactoryTest.java b/sdc-distribution-client/src/test/java/org/onap/sdc/http/HttpClientFactoryTest.java
index 2292fc4..3ee2d02 100644
--- a/sdc-distribution-client/src/test/java/org/onap/sdc/http/HttpClientFactoryTest.java
+++ b/sdc-distribution-client/src/test/java/org/onap/sdc/http/HttpClientFactoryTest.java
@@ -41,8 +41,10 @@
         TestConfiguration config = spy(new TestConfiguration());
         HttpClientFactory httpClientFactory = new HttpClientFactory(config);
         when(config.activateServerTLSAuth()).thenReturn(true);
-        when(config.getKeyStorePath()).thenReturn("src/test/resources/sdc-client.jks");
-        when(config.getKeyStorePassword()).thenReturn("Aa123456");
+        when(config.getKeyStorePath()).thenReturn("src/test/resources/sdc-user-keystore.jks");
+        when(config.getKeyStorePassword()).thenReturn("zreRDCnNLsZ7");
+        when(config.getTrustStorePath()).thenReturn("src/test/resources/sdc-user-truststore.jks");
+        when(config.getTrustStorePassword()).thenReturn("changeit");
         Pair<String, CloseableHttpClient> client = httpClientFactory.createInstance();
         SSLConnectionSocketFactory sslsf = spy(SSLConnectionSocketFactory.getSocketFactory());
         CredentialsProvider credsProvider = new BasicCredentialsProvider();
diff --git a/sdc-distribution-client/src/test/java/org/onap/sdc/http/SdcConnectorClientTest.java b/sdc-distribution-client/src/test/java/org/onap/sdc/http/SdcConnectorClientTest.java
index e449c4c..b2c1128 100644
--- a/sdc-distribution-client/src/test/java/org/onap/sdc/http/SdcConnectorClientTest.java
+++ b/sdc-distribution-client/src/test/java/org/onap/sdc/http/SdcConnectorClientTest.java
@@ -87,7 +87,10 @@
         when(conf.getUser()).thenReturn("user");
         when(conf.getPassword()).thenReturn("password");
         when(conf.isUseHttpsWithSDC()).thenReturn(true);
-
+        when(conf.getKeyStorePath()).thenReturn("src/test/resources/sdc-user-keystore.jks");
+        when(conf.getKeyStorePassword()).thenReturn("zreRDCnNLsZ7");
+        when(conf.getTrustStorePath()).thenReturn("src/test/resources/sdc-user-truststore.jks");
+        when(conf.getTrustStorePassword()).thenReturn("changeit");
         when(conf.activateServerTLSAuth()).thenReturn(false);
         final HttpSdcClient httpClient = new HttpSdcClient(conf);
         SdcConnectorClient client = new SdcConnectorClient(conf, httpClient);
diff --git a/sdc-distribution-client/src/test/java/org/onap/sdc/utils/KafkaCommonConfigTest.java b/sdc-distribution-client/src/test/java/org/onap/sdc/utils/KafkaCommonConfigTest.java
index 36730b5..a60a785 100644
--- a/sdc-distribution-client/src/test/java/org/onap/sdc/utils/KafkaCommonConfigTest.java
+++ b/sdc-distribution-client/src/test/java/org/onap/sdc/utils/KafkaCommonConfigTest.java
@@ -35,8 +35,7 @@
 
     @Test
     public void testConsumerPropertiesNoSSL(){
-        List<String> msgBusAddress = new ArrayList<>();
-        msgBusAddress.add("address1");
+        String msgBusAddress = "address1";
         testConfigNoSSL.setMsgBusAddress(msgBusAddress);
         KafkaCommonConfig kafkaCommonConfig = new KafkaCommonConfig(testConfigNoSSL);
         Properties consumerProperties = kafkaCommonConfig.getConsumerProperties();
@@ -45,8 +44,7 @@
 
     @Test
     public void testProducerPropertiesWithSSL(){
-        List<String> msgBusAddress = new ArrayList<>();
-        msgBusAddress.add("address1");
+        String msgBusAddress = "address1";
         testConfigWithSSL.setMsgBusAddress(msgBusAddress);
         KafkaCommonConfig kafkaCommonConfig = new KafkaCommonConfig(testConfigWithSSL);
         Properties consumerProperties = kafkaCommonConfig.getProducerProperties();
diff --git a/sdc-distribution-client/src/test/java/org/onap/sdc/utils/SdcKafkaTest.java b/sdc-distribution-client/src/test/java/org/onap/sdc/utils/SdcKafkaTest.java
index c0c60a8..a4d348c 100644
--- a/sdc-distribution-client/src/test/java/org/onap/sdc/utils/SdcKafkaTest.java
+++ b/sdc-distribution-client/src/test/java/org/onap/sdc/utils/SdcKafkaTest.java
@@ -57,7 +57,7 @@
         startKafkaService();
         KafkaTestUtils utils = new KafkaTestUtils(kafkaTestCluster);
         utils.createTopic(topicName, 1, (short) 1);
-        configuration.setMsgBusAddress(Collections.singletonList(kafkaTestCluster.getKafkaConnectString()));
+        configuration.setMsgBusAddress(kafkaTestCluster.getKafkaConnectString());
     }
 
     @AfterAll
diff --git a/sdc-distribution-client/src/test/java/org/onap/sdc/utils/TestConfiguration.java b/sdc-distribution-client/src/test/java/org/onap/sdc/utils/TestConfiguration.java
index a132cd0..b75d231 100644
--- a/sdc-distribution-client/src/test/java/org/onap/sdc/utils/TestConfiguration.java
+++ b/sdc-distribution-client/src/test/java/org/onap/sdc/utils/TestConfiguration.java
@@ -42,6 +42,8 @@
 	private final int kafkaConsumerSessionTimeout;
 	private String keyStorePath;
 	private String keyStorePassword;
+	private String trustStorePath;
+	private String trustStorePassword;
 	private boolean activateServerTLSAuth;
 	private boolean isFilterInEmptyResources;
 	private boolean useHttpsWithSDC;
@@ -66,8 +68,10 @@
 		this.relevantArtifactTypes = new ArrayList<>();
 		this.relevantArtifactTypes.add(ArtifactTypeEnum.HEAT.name());
 		this.user = "mso-user";
-		this.keyStorePath = "etc/sdc-client.jks";
-		this.keyStorePassword = "Aa123456";
+		this.keyStorePath = "src/test/resources/etc/sdc-user-keystore.jks";
+		this.keyStorePassword = "zreRDCnNLsZ7";
+		this.trustStorePath = "src/test/resources/etc/sdc-user-truststore.jks";
+		this.trustStorePassword = "changeit";
 		this.activateServerTLSAuth = true;
 		this.isFilterInEmptyResources = false;
 		this.useHttpsWithSDC = true;
@@ -155,6 +159,16 @@
 		return keyStorePassword;
 	}
 
+	@Override
+	public String getTrustStorePath() {
+		return trustStorePath;
+	}
+
+	@Override
+	public String getTrustStorePassword() {
+		return trustStorePassword;
+	}
+
 	public String getConsumerID() {
 		return consumerID;
 	}
diff --git a/sdc-distribution-client/src/test/resources/etc/sdc-user-keystore.jks b/sdc-distribution-client/src/test/resources/etc/sdc-user-keystore.jks
new file mode 100644
index 0000000..7c3c72a
--- /dev/null
+++ b/sdc-distribution-client/src/test/resources/etc/sdc-user-keystore.jks
Binary files differ
diff --git a/sdc-distribution-client/src/test/resources/etc/sdc-user-truststore.jks b/sdc-distribution-client/src/test/resources/etc/sdc-user-truststore.jks
new file mode 100644
index 0000000..d1fb017
--- /dev/null
+++ b/sdc-distribution-client/src/test/resources/etc/sdc-user-truststore.jks
Binary files differ
diff --git a/sdc-distribution-client/src/test/resources/sdc-user-keystore.jks b/sdc-distribution-client/src/test/resources/sdc-user-keystore.jks
new file mode 100644
index 0000000..7c3c72a
--- /dev/null
+++ b/sdc-distribution-client/src/test/resources/sdc-user-keystore.jks
Binary files differ
diff --git a/sdc-distribution-client/src/test/resources/sdc-user-truststore.jks b/sdc-distribution-client/src/test/resources/sdc-user-truststore.jks
new file mode 100644
index 0000000..d1fb017
--- /dev/null
+++ b/sdc-distribution-client/src/test/resources/sdc-user-truststore.jks
Binary files differ