简柏林 / thingskit · Commits

Commit 5ff54540337f702caacff5be9552691b0f03350e

Authored by Valerii Sosliuk
1 parent 044f2a20

script fixes & cleanup

Inline Side-by-side
Showing 7 changed files with 30 additions and 25 deletions
@@ -76,14 +76,10 @@ mqtt: @@ -76,14 +76,10 @@ mqtt:
76 adaptor: "${MQTT_ADAPTOR_NAME:JsonMqttAdaptor}" 76 adaptor: "${MQTT_ADAPTOR_NAME:JsonMqttAdaptor}"
77 timeout: "${MQTT_TIMEOUT:10000}" 77 timeout: "${MQTT_TIMEOUT:10000}"
78 # Uncomment the following lines to enable ssl for MQTT 78 # Uncomment the following lines to enable ssl for MQTT
79 -# ssl:  
80 -# key_store: keystore/mqttserver.jks  
81 -# key_store_password: password  
82 -# key_store_type: JKS  
83 -# TrustStore can be the same as KeyStore  
84 -# trust_store: keystore/mqttserver.jks  
85 -# trust_store_password: password  
86 -# trust_store_type: JKS 79 + ssl:
  80 + key_store: keystore/mqttserver.jks
  81 + key_store_password: password
  82 + key_store_type: JKS
87 83
88 # CoAP server parameters 84 # CoAP server parameters
89 coap: 85 coap:
1 -CASSANDRA_DATA_DIR=/home/docker/cassandra_volume 1 +CASSANDRA_DATA_DIR=/Users/admin/data_dir
  2 +#CASSANDRA_DATA_DIR=/home/docker/cassandra_volume
1 -HOSTNAME="$(hostname)" 1 +#
  2 +# Copyright © 2016-2017 The Thingsboard Authors
  3 +#
  4 +# Licensed under the Apache License, Version 2.0 (the "License");
  5 +# you may not use this file except in compliance with the License.
  6 +# You may obtain a copy of the License at
  7 +#
  8 +# http://www.apache.org/licenses/LICENSE-2.0
  9 +#
  10 +# Unless required by applicable law or agreed to in writing, software
  11 +# distributed under the License is distributed on an "AS IS" BASIS,
  12 +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13 +# See the License for the specific language governing permissions and
  14 +# limitations under the License.
  15 +#
  16 +
  17 +DOMAIN_SUFFIX="$(hostname)"
2 PASSWORD="password" 18 PASSWORD="password"
3 19
4 CLIENT_TRUSTSTORE="client_truststore.pem" 20 CLIENT_TRUSTSTORE="client_truststore.pem"
@@ -27,7 +27,7 @@ usage() { @@ -27,7 +27,7 @@ usage() {
27 } 27 }
28 28
29 COPY=true; 29 COPY=true;
30 -COPY_DIR="d" 30 +COPY_DIR=
31 PROPERTIES_FILE=keygen.properties 31 PROPERTIES_FILE=keygen.properties
32 32
33 while true; do 33 while true; do
@@ -65,7 +65,7 @@ echo "Generating SSL Key Pair..." @@ -65,7 +65,7 @@ echo "Generating SSL Key Pair..."
65 65
66 keytool -genkeypair -v \ 66 keytool -genkeypair -v \
67 -alias $SERVER_KEY_ALIAS \ 67 -alias $SERVER_KEY_ALIAS \
68 - -dname "CN=$HOSTNAME, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \ 68 + -dname "CN=$DOMAIN_SUFFIX, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
69 -keystore $SERVER_FILE_PREFIX.jks \ 69 -keystore $SERVER_FILE_PREFIX.jks \
70 -keypass $PASSWORD \ 70 -keypass $PASSWORD \
71 -storepass $PASSWORD \ 71 -storepass $PASSWORD \
@@ -95,7 +95,7 @@ if [[ $COPY = true ]]; then @@ -95,7 +95,7 @@ if [[ $COPY = true ]]; then
95 read -p "Do you want to copy $SERVER_FILE_PREFIX.jks to server directory? " yn 95 read -p "Do you want to copy $SERVER_FILE_PREFIX.jks to server directory? " yn
96 case $yn in 96 case $yn in
97 [Yy]) echo "Please, specify destination dir: " 97 [Yy]) echo "Please, specify destination dir: "
98 - read -p "(Default: copy_dir): " dir 98 + read -p "(Default: $SERVER_KEYSTORE_DIR): " dir
99 if [[ ! -z $dir ]]; then 99 if [[ ! -z $dir ]]; then
100 DESTINATION=$dir; 100 DESTINATION=$dir;
101 else 101 else
@@ -48,7 +48,7 @@ echo "Generating SSL Key Pair..." @@ -48,7 +48,7 @@ echo "Generating SSL Key Pair..."
48 48
49 keytool -genkeypair -v \ 49 keytool -genkeypair -v \
50 -alias $CLIENT_KEY_ALIAS \ 50 -alias $CLIENT_KEY_ALIAS \
51 - -dname "CN=$HOSTNAME, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \ 51 + -dname "CN=$DOMAIN_SUFFIX, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
52 -keystore $CLIENT_FILE_PREFIX.jks \ 52 -keystore $CLIENT_FILE_PREFIX.jks \
53 -keypass $PASSWORD \ 53 -keypass $PASSWORD \
54 -storepass $PASSWORD \ 54 -storepass $PASSWORD \
@@ -45,7 +45,6 @@ client.publish('v1/devices/me/attributes/request/1', "{\"clientKeys\":\"model\"} @@ -45,7 +45,6 @@ client.publish('v1/devices/me/attributes/request/1', "{\"clientKeys\":\"model\"}
45 client.tls_set(ca_certs="client_truststore.pem", certfile="mqttclient.nopass.pem", keyfile=None, cert_reqs=ssl.CERT_REQUIRED, 45 client.tls_set(ca_certs="client_truststore.pem", certfile="mqttclient.nopass.pem", keyfile=None, cert_reqs=ssl.CERT_REQUIRED,
46 tls_version=ssl.PROTOCOL_TLSv1, ciphers=None); 46 tls_version=ssl.PROTOCOL_TLSv1, ciphers=None);
47 47
48 -client.username_pw_set("TEST_TOKEN")  
49 client.tls_insecure_set(False) 48 client.tls_insecure_set(False)
50 client.connect(socket.gethostname(), 1883, 1) 49 client.connect(socket.gethostname(), 1883, 1)
51 50
@@ -52,13 +52,6 @@ public class MqttSslHandlerProvider { @@ -52,13 +52,6 @@ public class MqttSslHandlerProvider {
52 @Value("${mqtt.ssl.key_store_type}") 52 @Value("${mqtt.ssl.key_store_type}")
53 private String keyStoreType; 53 private String keyStoreType;
54 54
55 - @Value("${mqtt.ssl.trust_store}")  
56 - private String trustStoreFile;  
57 - @Value("${mqtt.ssl.trust_store_password}")  
58 - private String trustStorePassword;  
59 - @Value("${mqtt.ssl.trust_store_type}")  
60 - private String trustStoreType;  
61 -  
62 @Autowired 55 @Autowired
63 private DeviceCredentialsService deviceCredentialsService; 56 private DeviceCredentialsService deviceCredentialsService;
64 57
@@ -67,12 +60,12 @@ public class MqttSslHandlerProvider { @@ -67,12 +60,12 @@ public class MqttSslHandlerProvider {
67 try { 60 try {
68 URL ksUrl = Resources.getResource(keyStoreFile); 61 URL ksUrl = Resources.getResource(keyStoreFile);
69 File ksFile = new File(ksUrl.toURI()); 62 File ksFile = new File(ksUrl.toURI());
70 - URL tsUrl = Resources.getResource(trustStoreFile); 63 + URL tsUrl = Resources.getResource(keyStoreFile);
71 File tsFile = new File(tsUrl.toURI()); 64 File tsFile = new File(tsUrl.toURI());
72 65
73 TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); 66 TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
74 - KeyStore trustStore = KeyStore.getInstance(trustStoreType);  
75 - trustStore.load(new FileInputStream(tsFile), trustStorePassword.toCharArray()); 67 + KeyStore trustStore = KeyStore.getInstance(keyStoreType);
  68 + trustStore.load(new FileInputStream(tsFile), keyStorePassword.toCharArray());
76 tmFactory.init(trustStore); 69 tmFactory.init(trustStore);
77 70
78 KeyStore ks = KeyStore.getInstance(keyStoreType); 71 KeyStore ks = KeyStore.getInstance(keyStoreType);