Fixes; SSL Client Auth Works!

- Switch to java 12 for now. Reason: Bug [1] in JDK 11 (up to
  jdk-11+28) impairs SSLHandshake ("Unsupported Operation Exception"),
  but was fixed in Java 12.
- Set HTTP policy to infinite.
- Fix key/truststore path resolution
- Fix NPE in ConfigUtil.merge
- Rearrange application.yaml to include two config profiles (one with
  and one without SSL for the msg client).
- Add key material for testcases (Note: expires: May 2 14:47:08 2020 GMT)
- Update MsgClient Testcases

[1] https://bugs.openjdk.java.net/browse/JDK-8214098

4 files changed, 8 insertions, 30 deletions

diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index a0040ca..2d376a8 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -13,56 +13,34 @@ spring:
 # Order: DeliveryRequest/Config > [chosen-profile] > default
 delivery-request-configuration-profiles:
   default:
-
     perform-query-person-request: false
+    msg-client.url: http://localhost:8081/services/DeliveryRequest
 
-    ## All parameters for MSG client.
+  ssl-profile:
+    perform-query-person-request: false
     msg-client:
-
-      url: http://localhost:8081/services/DeliveryRequest
-
+      url: https://localhost/zusemsg/services/DeliveryRequest
       ssl:
-
         ## Boolean; if true, app will trust all server certificates;
         ## if false, server certificate needs to be in truststore.
         trust-all: false
-
         ## Boolean; if true, app ignores mismatches between server's host name and
         ## Certificate's common name / alternative subject name.
         lax-hostname-verification: false
-
         ## Parameters for ssl client auth
         keystore:
-          ## Absolute path to file
-          filename: ssl/client.jks
+          ## Path to file
+          filename: ssl/client.cert.key.p12
           ## Password to unlock key store.
-          password: 1233
+          password: 123456
           ## JKS or PKCS12
-          type: JKS
-
-
-
-  app-profile-1:
-    msg:
-      url: https://msg-url1.com
-    perform-query-person-request: true
-
-  app-profile-2:
-    msg:
-      url: https://msg-url2.com
+          type: PKCS12
 
 ## If set to false, moa zs ignores an incomplete default DeliveryRequest-configuration
 ## profile and continues startup. See 'delivery-request-configuration-profiles'.
 ## Default value: true
 # verify-completeness-of-default-delivery-request-configuration: false
 
-## todo: fix this
-#  ssl.keystore.file=../keys/www.egiz.gv.at.p12
-#  egovutil.mis.ssl.keystore.password=OSgmSn!
-#  egovutil.mis.ssl.keystore.type=PKCS12
-#  egovutil.mis.ssl.trustall=true
-#  egovutil.mis.ssl.laxhostnameverification=false
-
 ### logging
 logging:
   level:
diff --git a/src/main/resources/ssl/client.cert.key.p12 b/src/main/resources/ssl/client.cert.key.p12
new file mode 100644
index 0000000..f3becbf
--- /dev/null
+++ b/src/main/resources/ssl/client.cert.key.p12
diff --git a/src/main/resources/ssl/truststore.jks b/src/main/resources/ssl/truststore.jks
new file mode 100644
index 0000000..3f90814
--- /dev/null
+++ b/src/main/resources/ssl/truststore.jks
diff --git a/src/main/resources/ssl/truststore.p12 b/src/main/resources/ssl/truststore.p12
new file mode 100644
index 0000000..67eb611
--- /dev/null
+++ b/src/main/resources/ssl/truststore.p12