This is an automated email from the ASF dual-hosted git repository. lahirujayathilake pushed a commit to branch cybershuttle-dev in repository https://gitbox.apache.org/repos/asf/airavata.git
commit 99504c30abc6d2e588c87ea7d8c2795e21a56518 Author: yasith <[email protected]> AuthorDate: Fri Mar 14 03:56:02 2025 -0400 move self-signed certs to a single location --- keystores/airavata.jks | Bin 0 -> 2832 bytes keystores/client_truststore.jks | Bin 0 -> 2323 bytes keystores/generate_keystore.sh | 13 +++++++ modules/agent-framework/pom.xml | 12 ++++++ modules/commons/src/test/resources/mykeystore.jks | Bin 498 -> 0 bytes .../credential-store-service/pom.xml | 7 ++++ .../src/test/resources/keystore.jks | Bin 2230 -> 0 bytes .../src/test/resources/mykeystore.jks | Bin 498 -> 0 bytes modules/ide-integration/README.md | 43 ++++++--------------- modules/ide-integration/pom.xml | 7 ++++ .../src/main/resources/keystores/airavata.jks | Bin 2679 -> 0 bytes .../src/main/resources/keystores/airavata_sym.jks | Bin 501 -> 0 bytes .../main/resources/keystores/client_truststore.jks | Bin 2282 -> 0 bytes .../sharing-registry-server/pom.xml | 12 ++++++ .../src/main/resources/airavata.jks | Bin 1410 -> 0 bytes .../src/main/resources/client_truststore.jks | Bin 5312 -> 0 bytes .../src/test/resources/airavata.jks | Bin 1410 -> 0 bytes .../src/test/resources/client_truststore.jks | Bin 5312 -> 0 bytes .../src/main/resources/client_truststore.jks | Bin 5312 -> 46 bytes 19 files changed, 63 insertions(+), 31 deletions(-) diff --git a/keystores/airavata.jks b/keystores/airavata.jks new file mode 100644 index 0000000000..3a65bad801 Binary files /dev/null and b/keystores/airavata.jks differ diff --git a/keystores/client_truststore.jks b/keystores/client_truststore.jks new file mode 100644 index 0000000000..ea85617d83 Binary files /dev/null and b/keystores/client_truststore.jks differ diff --git a/keystores/generate_keystore.sh b/keystores/generate_keystore.sh new file mode 100755 index 0000000000..5ba331ccd3 --- /dev/null +++ b/keystores/generate_keystore.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +# Remove existing key stores +rm -f airavata.jks client_truststore.jks + +# Generate a PKCS12 keystore with a self-signed certificate +keytool -genkey -keyalg RSA -alias selfsigned -keystore airavata.jks -storetype pkcs12 -storepass airavata -validity 360 -keysize 2048 \ + -dname "CN=airavata.host, OU=airavata.host, O=airavata.host, L=airavata.host, ST=airavata.host, C=airavata.host" + +# Also generate a JKS keystore with that certificate (for backward-compatibility) +keytool -importkeystore -noprompt \ + -srckeystore airavata.jks -srcstoretype pkcs12 -srcstorepass airavata \ + -destkeystore client_truststore.jks -deststoretype jks -deststorepass airavata diff --git a/modules/agent-framework/pom.xml b/modules/agent-framework/pom.xml index 0d19265b9c..c26190f5fe 100644 --- a/modules/agent-framework/pom.xml +++ b/modules/agent-framework/pom.xml @@ -22,4 +22,16 @@ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> </properties> + <build> + <resources> + <resource> + <directory>../../keystores</directory> + <includes> + <include>*.jks</include> + <include>*.p12</include> + </includes> + </resource> + </resources> + </build> + </project> \ No newline at end of file diff --git a/modules/commons/src/test/resources/mykeystore.jks b/modules/commons/src/test/resources/mykeystore.jks deleted file mode 100644 index 335ebf8b52..0000000000 Binary files a/modules/commons/src/test/resources/mykeystore.jks and /dev/null differ diff --git a/modules/credential-store/credential-store-service/pom.xml b/modules/credential-store/credential-store-service/pom.xml index 2add9f3b5e..132dd0c2e0 100644 --- a/modules/credential-store/credential-store-service/pom.xml +++ b/modules/credential-store/credential-store-service/pom.xml @@ -170,6 +170,13 @@ <testResource> <directory>${project.basedir}/src/test/resources</directory> </testResource> + <testResource> + <directory>${project.basedir}/../../../keystores</directory> + <includes> + <include>*.jks</include> + <include>*.p12</include> + </includes> + </testResource> </testResources> </build> </project> diff --git a/modules/credential-store/credential-store-service/src/test/resources/keystore.jks b/modules/credential-store/credential-store-service/src/test/resources/keystore.jks deleted file mode 100644 index 14cf02261e..0000000000 Binary files a/modules/credential-store/credential-store-service/src/test/resources/keystore.jks and /dev/null differ diff --git a/modules/credential-store/credential-store-service/src/test/resources/mykeystore.jks b/modules/credential-store/credential-store-service/src/test/resources/mykeystore.jks deleted file mode 100644 index 335ebf8b52..0000000000 Binary files a/modules/credential-store/credential-store-service/src/test/resources/mykeystore.jks and /dev/null differ diff --git a/modules/ide-integration/README.md b/modules/ide-integration/README.md index f07dbd5d45..a28383beb6 100644 --- a/modules/ide-integration/README.md +++ b/modules/ide-integration/README.md @@ -189,40 +189,21 @@ https://myaccount.google.com/security ### NOTE: (Optional) Creating certificates if expired * This is required only when the self signed certificate for keycloak is expired - * Go to src/main/resources/keystores + * Go to airavata/keystores * Provide password as airavata for all key stores - ``` - rm airavata.jks - - rm client_truststore.jks - - keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass airavata -validity 360 -keysize 2048 - What is your first and last name? - [Unknown]: airavata.host - What is the name of your organizational unit? - [Unknown]: airavata.host - What is the name of your organization? - [Unknown]: airavata.host - What is the name of your City or Locality? - [Unknown]: airavata.host - What is the name of your State or Province? - [Unknown]: airavata.host - What is the two-letter country code for this unit? - [Unknown]: airavata.host - Is CN=airavata.host, OU=airavata.host, O=airavata.host, L=airavata.host, ST=airavata.host, C=airavata.host correct? - [no]: yes - - - keytool -importkeystore -srckeystore keystore.jks -destkeystore airavata.jks -deststoretype pkcs12 + ```sh - rm keystore.jks + # Remove existing key stores + rm -f airavata.jks client_truststore.jks - keytool -export -alias selfsigned -file root.cer -keystore airavata.jks -storepass airavata + # Generate a PKCS12 keystore with a self-signed certificate + keytool -genkey -keyalg RSA -alias selfsigned -keystore airavata.jks -storetype pkcs12 -storepass airavata -validity 360 -keysize 2048 \ + -dname "CN=airavata.host, OU=airavata.host, O=airavata.host, L=airavata.host, ST=airavata.host, C=airavata.host" - keytool -import -alias mykey -file root.cer -keystore client_truststore.jks -storepass airavata - - rm root.cer - -``` + # Also generate a JKS keystore with that certificate (for backward-compatibility) + keytool -importkeystore -noprompt \ + -srckeystore airavata.jks -srcstoretype pkcs12 -srcstorepass airavata \ + -destkeystore client_truststore.jks -deststoretype jks -deststorepass airavata + ``` diff --git a/modules/ide-integration/pom.xml b/modules/ide-integration/pom.xml index 0f3bec05dc..f92e0a479e 100644 --- a/modules/ide-integration/pom.xml +++ b/modules/ide-integration/pom.xml @@ -83,6 +83,13 @@ <exclude>pga/**</exclude> </excludes> </resource> + <resource> + <directory>../../keystore</directory> + <includes> + <include>*.jks</include> + <include>*.p12</include> + </includes> + </resource> </resources> </build> diff --git a/modules/ide-integration/src/main/resources/keystores/airavata.jks b/modules/ide-integration/src/main/resources/keystores/airavata.jks deleted file mode 100644 index f61304fc5d..0000000000 Binary files a/modules/ide-integration/src/main/resources/keystores/airavata.jks and /dev/null differ diff --git a/modules/ide-integration/src/main/resources/keystores/airavata_sym.jks b/modules/ide-integration/src/main/resources/keystores/airavata_sym.jks deleted file mode 100644 index 57434f024d..0000000000 Binary files a/modules/ide-integration/src/main/resources/keystores/airavata_sym.jks and /dev/null differ diff --git a/modules/ide-integration/src/main/resources/keystores/client_truststore.jks b/modules/ide-integration/src/main/resources/keystores/client_truststore.jks deleted file mode 100644 index a449ce746b..0000000000 Binary files a/modules/ide-integration/src/main/resources/keystores/client_truststore.jks and /dev/null differ diff --git a/modules/sharing-registry/sharing-registry-server/pom.xml b/modules/sharing-registry/sharing-registry-server/pom.xml index f1e57519f1..c0909cbda3 100644 --- a/modules/sharing-registry/sharing-registry-server/pom.xml +++ b/modules/sharing-registry/sharing-registry-server/pom.xml @@ -144,6 +144,18 @@ </dependencies> </plugin> </plugins> + <resources> + <resource> + <directory>src/main/resources</directory> + </resource> + <resource> + <directory>../../keystore</directory> + <includes> + <include>*.jks</include> + <include>*.p12</include> + </includes> + </resource> + </resources> </build> </project> diff --git a/modules/sharing-registry/sharing-registry-server/src/main/resources/airavata.jks b/modules/sharing-registry/sharing-registry-server/src/main/resources/airavata.jks deleted file mode 100644 index e0e46e246e..0000000000 Binary files a/modules/sharing-registry/sharing-registry-server/src/main/resources/airavata.jks and /dev/null differ diff --git a/modules/sharing-registry/sharing-registry-server/src/main/resources/client_truststore.jks b/modules/sharing-registry/sharing-registry-server/src/main/resources/client_truststore.jks deleted file mode 100644 index 4ff588f961..0000000000 Binary files a/modules/sharing-registry/sharing-registry-server/src/main/resources/client_truststore.jks and /dev/null differ diff --git a/modules/sharing-registry/sharing-registry-server/src/test/resources/airavata.jks b/modules/sharing-registry/sharing-registry-server/src/test/resources/airavata.jks deleted file mode 100644 index e0e46e246e..0000000000 Binary files a/modules/sharing-registry/sharing-registry-server/src/test/resources/airavata.jks and /dev/null differ diff --git a/modules/sharing-registry/sharing-registry-server/src/test/resources/client_truststore.jks b/modules/sharing-registry/sharing-registry-server/src/test/resources/client_truststore.jks deleted file mode 100644 index 4ff588f961..0000000000 Binary files a/modules/sharing-registry/sharing-registry-server/src/test/resources/client_truststore.jks and /dev/null differ diff --git a/tools/load-client/src/main/resources/client_truststore.jks b/tools/load-client/src/main/resources/client_truststore.jks deleted file mode 100644 index 4ff588f961..0000000000 Binary files a/tools/load-client/src/main/resources/client_truststore.jks and /dev/null differ diff --git a/tools/load-client/src/main/resources/client_truststore.jks b/tools/load-client/src/main/resources/client_truststore.jks new file mode 120000 index 0000000000..e00ca795ca --- /dev/null +++ b/tools/load-client/src/main/resources/client_truststore.jks @@ -0,0 +1 @@ +../../../../../keystores/client_truststore.jks \ No newline at end of file
