script fixes & cleanup

Valerii Sosliuk
1 parent 044f2a20
Showing 7 changed files with 30 additions and 25 deletions
application/src/main/resources/thingsboard.yml
docker/.env
tools/src/main/shell/keygen.properties
tools/src/main/shell/keygen.sh
tools/src/main/shell/securemqttclient.keygen.sh
tools/src/main/shell/twowaysslmqttclient.py
transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
--- a/application/src/main/resources/thingsboard.yml
View file @5ff5454
+++ b/application/src/main/resources/thingsboard.yml
View file @5ff5454
@@ -76,14 +76,10 @@ mqtt:
   adaptor: "${MQTT_ADAPTOR_NAME:JsonMqttAdaptor}"
   timeout: "${MQTT_TIMEOUT:10000}"
 # Uncomment the following lines to enable ssl for MQTT
-#  ssl:
-#    key_store: keystore/mqttserver.jks
-#    key_store_password: password
-#    key_store_type: JKS
-# TrustStore can be the same as KeyStore
-#    trust_store: keystore/mqttserver.jks
-#    trust_store_password: password
-#    trust_store_type: JKS
+  ssl:
+    key_store: keystore/mqttserver.jks
+    key_store_password: password
+    key_store_type: JKS
 
 # CoAP server parameters
 coap:
--- a/docker/.env
View file @5ff5454
+++ b/docker/.env
View file @5ff5454
-CASSANDRA_DATA_DIR=/home/docker/cassandra_volume
+CASSANDRA_DATA_DIR=/Users/admin/data_dir
+#CASSANDRA_DATA_DIR=/home/docker/cassandra_volume
--- a/tools/src/main/shell/keygen.properties
View file @5ff5454
+++ b/tools/src/main/shell/keygen.properties
View file @5ff5454
-HOSTNAME="$(hostname)"
+#
+# Copyright © 2016-2017 The Thingsboard Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+DOMAIN_SUFFIX="$(hostname)"
 PASSWORD="password"
 
 CLIENT_TRUSTSTORE="client_truststore.pem"
--- a/tools/src/main/shell/keygen.sh
View file @5ff5454
+++ b/tools/src/main/shell/keygen.sh
View file @5ff5454
@@ -27,7 +27,7 @@ usage() {
 }
 
 COPY=true;
-COPY_DIR="d"
+COPY_DIR=
 PROPERTIES_FILE=keygen.properties
 
 while true; do
@@ -65,7 +65,7 @@ echo "Generating SSL Key Pair..."
 
 keytool -genkeypair -v \
   -alias $SERVER_KEY_ALIAS \
-  -dname "CN=$HOSTNAME, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
+  -dname "CN=$DOMAIN_SUFFIX, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
   -keystore $SERVER_FILE_PREFIX.jks \
   -keypass $PASSWORD \
   -storepass $PASSWORD \
@@ -95,7 +95,7 @@ if [[ $COPY = true ]]; then
         read -p  "Do you want to copy $SERVER_FILE_PREFIX.jks to server directory? " yn
             case $yn in
                 [Yy]) echo "Please, specify destination dir: "
-                     read -p "(Default: copy_dir): " dir
+                     read -p "(Default: $SERVER_KEYSTORE_DIR): " dir
                      if [[ !  -z  $dir  ]]; then
                         DESTINATION=$dir;
                      else
--- a/tools/src/main/shell/securemqttclient.keygen.sh
View file @5ff5454
+++ b/tools/src/main/shell/securemqttclient.keygen.sh
View file @5ff5454
@@ -48,7 +48,7 @@ echo "Generating SSL Key Pair..."
 
 keytool -genkeypair -v \
   -alias $CLIENT_KEY_ALIAS \
-  -dname "CN=$HOSTNAME, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
+  -dname "CN=$DOMAIN_SUFFIX, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
   -keystore $CLIENT_FILE_PREFIX.jks \
   -keypass $PASSWORD \
   -storepass $PASSWORD \
--- a/tools/src/main/shell/twowaysslmqttclient.py
View file @5ff5454
+++ b/tools/src/main/shell/twowaysslmqttclient.py
View file @5ff5454
@@ -45,7 +45,6 @@ client.publish('v1/devices/me/attributes/request/1', "{\"clientKeys\":\"model\"}
 client.tls_set(ca_certs="client_truststore.pem", certfile="mqttclient.nopass.pem", keyfile=None, cert_reqs=ssl.CERT_REQUIRED,
                        tls_version=ssl.PROTOCOL_TLSv1, ciphers=None);
 
-client.username_pw_set("TEST_TOKEN")
 client.tls_insecure_set(False)
 client.connect(socket.gethostname(), 1883, 1)
 
--- a/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
View file @5ff5454
+++ b/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
View file @5ff5454
@@ -52,13 +52,6 @@ public class MqttSslHandlerProvider {
     @Value("${mqtt.ssl.key_store_type}")
     private String keyStoreType;
 
-    @Value("${mqtt.ssl.trust_store}")
-    private String trustStoreFile;
-    @Value("${mqtt.ssl.trust_store_password}")
-    private String trustStorePassword;
-    @Value("${mqtt.ssl.trust_store_type}")
-    private String trustStoreType;
-
     @Autowired
     private DeviceCredentialsService deviceCredentialsService;
 
@@ -67,12 +60,12 @@ public class MqttSslHandlerProvider {
         try {
             URL ksUrl = Resources.getResource(keyStoreFile);
             File ksFile = new File(ksUrl.toURI());
-            URL tsUrl = Resources.getResource(trustStoreFile);
+            URL tsUrl = Resources.getResource(keyStoreFile);
             File tsFile = new File(tsUrl.toURI());
 
             TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
-            KeyStore trustStore = KeyStore.getInstance(trustStoreType);
-            trustStore.load(new FileInputStream(tsFile), trustStorePassword.toCharArray());
+            KeyStore trustStore = KeyStore.getInstance(keyStoreType);
+            trustStore.load(new FileInputStream(tsFile), keyStorePassword.toCharArray());
             tmFactory.init(trustStore);
 
             KeyStore ks = KeyStore.getInstance(keyStoreType);