Merge pull request #178 from davco01a/latest

TLS Support
kabanero-io · Apr 28, 2020 · 358904a · 358904a
2 parents 4d72a2d + ae86948
commit 358904a
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 5 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -7,6 +7,8 @@ LABEL vendor="Kabanero" \
       summary="Image for Kabanero CLI Service" \
       description="This image contains the service for the Kabanero CLI.  See https://github.com/kabanero-io/kabanero-command-line-services/"
 
+
+ENV SEC_TLS_TRUSTDEFAULTCERTS=true
 # The licence must be here for Redhat container certification
 COPY LICENSE /licenses/ 
 

diff --git a/src/main/liberty/config/keystore.xml b/src/main/liberty/config/keystore.xml
@@ -1 +1 @@
-<server description="Default Server"><keyStore id="defaultKeyStore" password="keyspass" /></server>
+<server description="Default Server"><keyStore id="defaultKeyStore" password="changeit" /></server>
diff --git a/src/main/liberty/config/server.xml b/src/main/liberty/config/server.xml
@@ -39,10 +39,11 @@
 
 
 
-    <sslDefault sslRef="kabSSLConfig"/>
-    <ssl id="kabSSLConfig" keyStoreRef="defaultKeyStore" trustStoreRef="validationKeystore"/>
-    <keyStore id="defaultKeyStore" />
-    <keyStore id="validationKeystore" location="${server.config.dir}/resources/security/cacerts" type="jks" />
+    <keyStore id="defaultKeyStore"
+            password="changeit"
+            location="/etc/tls/secrets/java.io/kabanero.cli/keystores/keystore.p12"
+            type="PKCS12"/>
+  	<ssl id="defaultSSLConfig" keyStoreRef="defaultKeyStore" trustDefaultCerts="true" sslProtocol="TLSv1.2"/>
 
     <!-- this will be the issuer of the jwts -->
     <variable name="jwt.issuer" defaultValue="https://kabasec.com" />