authorChristof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>2019-06-27 13:11:53 +0200
committerChristof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>2019-06-27 13:11:53 +0200
commita8e726382b0472ad030d7a579fe8d6878a216bd4 (patch)
treeceeb6bb09073da926c95230cb80a8ff156ea1481 /src/main/resources
parente2e77ed55687cb92c6f5a273995daf64dedef848 (diff)
Fixes; SSL Client Auth Works!
- Switch to Java 12 for now. Reason: Bug [1] in JDK 11 (up to jdk-11+28) impairs SSLHandshake ("Unsupported Operation Exception"), but was fixed in Java 12.
- Set HTTP policy to infinite.
- Fix key/truststore path resolution.
- Fix NPE in ConfigUtil.merge.
- Rearrange application.yaml to include two config profiles (one with and one without SSL for the msg client).
- Add key material for testcases (Note: expires: May 2 14:47:08 2020 GMT).
- Update MsgClient testcases.

[1] https://bugs.openjdk.java.net/browse/JDK-8214098
Diffstat (limited to 'src/main/resources')
-rw-r--r--src/main/resources/application.yaml38
-rw-r--r--src/main/resources/ssl/client.cert.key.p12bin0 -> 6221 bytes
-rw-r--r--src/main/resources/ssl/truststore.jksbin0 -> 1648 bytes
-rw-r--r--src/main/resources/ssl/truststore.p12bin0 -> 1776 bytes
4 files changed, 8 insertions, 30 deletions
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index a0040ca..2d376a8 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -13,56 +13,34 @@ spring:
# Order: DeliveryRequest/Config > [chosen-profile] > default
delivery-request-configuration-profiles:
default:
-
perform-query-person-request: false
+ msg-client.url: http://localhost:8081/services/DeliveryRequest
- ## All parameters for MSG client.
+ ssl-profile:
+ perform-query-person-request: false
msg-client:
-
- url: http://localhost:8081/services/DeliveryRequest
-
+ url: https://localhost/zusemsg/services/DeliveryRequest
ssl:
-
## Boolean; if true, app will trust all server certificates;
## if false, server certificate needs to be in truststore.
trust-all: false
-
## Boolean; if true, app ignores mismatches between server's host name and
## Certificate's common name / alternative subject name.
lax-hostname-verification: false
-
## Parameters for ssl client auth
keystore:
- ## Absolute path to file
- filename: ssl/client.jks
+ ## Path to file
+ filename: ssl/client.cert.key.p12
## Password to unlock key store.
- password: 1233
+ password: 123456
## JKS or PKCS12
- type: JKS
-
-
-
- app-profile-1:
- msg:
- url: https://msg-url1.com
- perform-query-person-request: true
-
- app-profile-2:
- msg:
- url: https://msg-url2.com
+ type: PKCS12
## If set to false, moa zs ignores an incomplete default DeliveryRequest-configuration
## profile and continues startup. See 'delivery-request-configuration-profiles'.
## Default value: true
# verify-completeness-of-default-delivery-request-configuration: false
-## todo: fix this
-# ssl.keystore.file=../keys/www.egiz.gv.at.p12
-# egovutil.mis.ssl.keystore.password=OSgmSn!
-# egovutil.mis.ssl.keystore.type=PKCS12
-# egovutil.mis.ssl.trustall=true
-# egovutil.mis.ssl.laxhostnameverification=false
-
### logging
logging:
level:
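Review bot: The keystore password is committed in clear text (`password: 123456`, under what appears to be `ssl-profile` → `msg-client.ssl.keystore`; indentation is not visible on this page), and the matching `ssl/client.cert.key.p12` is added under `src/main/resources`, so the client key and its password would be packaged with the application rather than only with the tests. Since the commit message describes this as key material for testcases, moving the keystore and this profile to `src/test/resources` and reading the password from the environment, e.g. `password: ${MSG_CLIENT_KEYSTORE_PASSWORD}` (variable name constructed for this note), would keep both out of the shipped artifact. Separately, the `default` profile now sets `msg-client.url: http://localhost:8081/services/DeliveryRequest`, and by the stated order `DeliveryRequest/Config > [chosen-profile] > default` a request that selects no profile falls back to plain HTTP; a comment marking that default as local-development only would make this explicit. The commented-out `egovutil.mis.ssl.keystore.password` line removed here stays in repository history, so if that value was ever live it should be rotated.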
diff --git a/src/main/resources/ssl/client.cert.key.p12 b/src/main/resources/ssl/client.cert.key.p12
new file mode 100644
index 0000000..f3becbf
--- /dev/null
+++ b/src/main/resources/ssl/client.cert.key.p12
Binary files differ
diff --git a/src/main/resources/ssl/truststore.jks b/src/main/resources/ssl/truststore.jks
new file mode 100644
index 0000000..3f90814
--- /dev/null
+++ b/src/main/resources/ssl/truststore.jks
Binary files differ
diff --git a/src/main/resources/ssl/truststore.p12 b/src/main/resources/ssl/truststore.p12
new file mode 100644
index 0000000..67eb611
--- /dev/null
+++ b/src/main/resources/ssl/truststore.p12
Binary files differ