Improve PEM certificates processing. Fix lwm2m transport test properties.

Igor Kulikov
1 parent 78e00265
Showing 2 changed files with 23 additions and 10 deletions
application/src/test/resources/application-test.properties
common/transport/transport-api/src/main/java/org/thingsboard/server/common/transport/config/ssl/PemSslCredentials.java
--- a/application/src/test/resources/application-test.properties
View file @a47bb55
+++ b/application/src/test/resources/application-test.properties
View file @a47bb55
-transport.lwm2m.security.key_store=lwm2m/credentials/serverKeyStore.jks
-transport.lwm2m.security.key_store_password=server
+transport.lwm2m.server.security.credentials.enabled=true
+transport.lwm2m.server.security.credentials.type=KEYSTORE
+transport.lwm2m.server.security.credentials.keystore.store_file=lwm2m/credentials/serverKeyStore.jks
+transport.lwm2m.server.security.credentials.keystore.store_password=server
+transport.lwm2m.server.security.credentials.keystore.key_alias=server
+transport.lwm2m.server.security.credentials.keystore.key_password=server
+transport.lwm2m.bootstrap.security.credentials.enabled=true
+transport.lwm2m.bootstrap.security.credentials.type=KEYSTORE
+transport.lwm2m.bootstrap.security.credentials.keystore.store_file=lwm2m/credentials/serverKeyStore.jks
+transport.lwm2m.bootstrap.security.credentials.keystore.store_password=server
+transport.lwm2m.bootstrap.security.credentials.keystore.key_alias=server
+transport.lwm2m.bootstrap.security.credentials.keystore.key_password=server
+transport.lwm2m.security.trust-credentials.enabled=true
+transport.lwm2m.security.trust-credentials.type=KEYSTORE
+transport.lwm2m.security.trust-credentials.keystore.store_file=lwm2m/credentials/serverKeyStore.jks
+transport.lwm2m.security.trust-credentials.keystore.store_password=server
+
 edges.enabled=true
 edges.storage.no_read_records_sleep=500
 edges.storage.sleep_between_batches=500
-transport.lwm2m.server.security.key_alias=server
-transport.lwm2m.server.security.key_password=server
-transport.lwm2m.bootstrap.security.key_alias=server
-transport.lwm2m.bootstrap.security.key_password=server
-actors.rpc.sequential=true
\ No newline at end of file
+actors.rpc.sequential=true
--- a/common/transport/transport-api/src/main/java/org/thingsboard/server/common/transport/config/ssl/PemSslCredentials.java
View file @a47bb55
+++ b/common/transport/transport-api/src/main/java/org/thingsboard/server/common/transport/config/ssl/PemSslCredentials.java
View file @a47bb55
@@ -114,9 +114,11 @@ public class PemSslCredentials extends AbstractSslCredentials {
         }
         KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
         keyStore.load(null);
-        List<Certificate> unique = certificates.stream().distinct().collect(Collectors.toList());
-        for (int i = 0; i < unique.size(); i++) {
-            keyStore.setCertificateEntry("root-" + i, unique.get(i));
+        if (trustsOnly) {
+            List<Certificate> unique = certificates.stream().distinct().collect(Collectors.toList());
+            for (int i = 0; i < unique.size(); i++) {
+                keyStore.setCertificateEntry("root-" + i, unique.get(i));
+            }
         }
         if (privateKey != null) {
             CertificateFactory factory = CertificateFactory.getInstance("X.509");