From 31f01fcfadf8707aefe6bf3a09daf570ce248fc5 Mon Sep 17 00:00:00 2001 From: Maros Marsalek Date: Fri, 19 Aug 2016 12:20:33 +0200 Subject: HONEYCOMB-18 Fixing comments from reviews Change-Id: Ic0565d601d13b5f50ec3c714a43600e32a7e456b Signed-off-by: Maros Marsalek --- .../infra/distro/restconf/HttpsConnectorProvider.groovy | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) (limited to 'infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.groovy') diff --git a/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.groovy b/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.groovy index 6ce5a1555..388aa2bbe 100644 --- a/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.groovy +++ b/infra/minimal-distribution/src/main/java/io/fd/honeycomb/infra/distro/restconf/HttpsConnectorProvider.groovy @@ -11,9 +11,6 @@ import org.eclipse.jetty.util.ssl.SslContextFactory class HttpsConnectorProvider extends ProviderTrait { - public static final String KEYSTORE_PASSWORD = "OBF:1v9s1unr1unn1vv51zlk1t331vg91x1b1vgl1t331zly1vu51uob1uo71v8u" - public static final String KEYSTORE_NAME = "/honeycomb-keystore" - @Inject HoneycombConfiguration cfg @Inject @@ -32,12 +29,14 @@ class HttpsConnectorProvider extends ProviderTrait { // openssl pkcs12 -inkey honeycomb.key -in honeycomb.crt -export -out honeycomb.pkcs12 // keytool -importkeystore -srckeystore honeycomb.pkcs12 -srcstoretype PKCS12 -destkeystore honeycomb-keystore def sslContextFactory = new SslContextFactory() - def keystoreURL = getClass().getResource(KEYSTORE_NAME) + def keystoreURL = getClass().getResource(cfg.restconfKeystore.get()) sslContextFactory.setKeyStorePath(keystoreURL.path) - sslContextFactory.setKeyStorePassword(KEYSTORE_PASSWORD) - sslContextFactory.setKeyManagerPassword(KEYSTORE_PASSWORD) - sslContextFactory.setTrustStorePath(keystoreURL.path) - sslContextFactory.setTrustStorePassword(KEYSTORE_PASSWORD) + sslContextFactory.setKeyStorePassword(cfg.keystorePassword.get()) + sslContextFactory.setKeyManagerPassword((cfg.keystoreManagerPassword.get())) + def truststoreURL = getClass().getResource(cfg.restconfTruststore.get()) + sslContextFactory.setTrustStorePath(truststoreURL.path) + sslContextFactory.setTrustStorePassword((cfg.truststorePassword.get())) + // TODO make this more configurable sslContextFactory.setExcludeCipherSuites( "SSL_RSA_WITH_DES_CBC_SHA", "SSL_DHE_RSA_WITH_DES_CBC_SHA", -- cgit 1.2.3-korg