From 5ff54540337f702caacff5be9552691b0f03350e Mon Sep 17 00:00:00 2001
From: Valerii Sosliuk
Date: Wed, 18 Jan 2017 00:48:07 -0500
Subject: [PATCH] script fixes & cleanup
---
 application/src/main/resources/thingsboard.yml | 12 ++++--------
 docker/.env | 3 ++-
 tools/src/main/shell/keygen.properties | 18 +++++++++++++++++-
 tools/src/main/shell/keygen.sh | 6 +++---
 .../src/main/shell/securemqttclient.keygen.sh | 2 +-
 tools/src/main/shell/twowaysslmqttclient.py | 1 -
 .../transport/mqtt/MqttSslHandlerProvider.java | 13 +++----------
 7 files changed, 30 insertions(+), 25 deletions(-)
diff --git a/application/src/main/resources/thingsboard.yml b/application/src/main/resources/thingsboard.yml
index f74d30d238..288914822d 100644
--- a/application/src/main/resources/thingsboard.yml
+++ b/application/src/main/resources/thingsboard.yml
@@ -76,14 +76,10 @@ mqtt:
 adaptor: "${MQTT_ADAPTOR_NAME:JsonMqttAdaptor}"
 timeout: "${MQTT_TIMEOUT:10000}"
 # Uncomment the following lines to enable ssl for MQTT
-# ssl:
-# key_store: keystore/mqttserver.jks
-# key_store_password: password
-# key_store_type: JKS
-# TrustStore can be the same as KeyStore
-# trust_store: keystore/mqttserver.jks
-# trust_store_password: password
-# trust_store_type: JKS
+ ssl:
+ key_store: keystore/mqttserver.jks
+ key_store_password: password
+ key_store_type: JKS
 # CoAP server parameters
 coap:
diff --git a/docker/.env b/docker/.env
index ca7f2b0357..534d4e86c2 100644
--- a/docker/.env
+++ b/docker/.env
@@ -1 +1,2 @@
-CASSANDRA_DATA_DIR=/home/docker/cassandra_volume
+CASSANDRA_DATA_DIR=/Users/admin/data_dir
+#CASSANDRA_DATA_DIR=/home/docker/cassandra_volume
diff --git a/tools/src/main/shell/keygen.properties b/tools/src/main/shell/keygen.properties
index d27e0f5106..08d6816c44 100644
--- a/tools/src/main/shell/keygen.properties
+++ b/tools/src/main/shell/keygen.properties
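Review bot: The newly active `ssl:` block in thingsboard.yml ships `key_store_password: password` as a literal, while the neighbouring keys accept an environment override (`"${MQTT_TIMEOUT:10000}"`). The three added values should use the same `"${VAR:default}"` form so a deployment can swap the key store and its password without editing the file, for example `key_store_password: "${MQTT_SSL_KEY_STORE_PASSWORD:password}"` (the variable name is only a suggestion). The context line `# Uncomment the following lines to enable ssl for MQTT` is now stale because the lines below it are no longer commented; something like `# Comment out the following lines to disable ssl for MQTT` would match the new state. With the `trust_store*` keys removed, a one-line comment saying that the key store also acts as the trust store would help operators.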
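Review bot: `CASSANDRA_DATA_DIR=/Users/admin/data_dir` in docker/.env looks like a path from one developer's machine, and the previous default is only kept as a commented-out line. Unless the new path is meant for every user of the compose setup, the committed value should stay `CASSANDRA_DATA_DIR=/home/docker/cassandra_volume`. A local override belongs outside version control.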
@@ -1,4 +1,20 @@
-HOSTNAME="$(hostname)"
+#
+# Copyright © 2016-2017 The Thingsboard Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+DOMAIN_SUFFIX="$(hostname)"
 PASSWORD="password"
 CLIENT_TRUSTSTORE="client_truststore.pem"
diff --git a/tools/src/main/shell/keygen.sh b/tools/src/main/shell/keygen.sh
index a287292b86..1572d8908c 100755
--- a/tools/src/main/shell/keygen.sh
+++ b/tools/src/main/shell/keygen.sh
@@ -27,7 +27,7 @@ usage() {
 }
 COPY=true;
-COPY_DIR="d"
+COPY_DIR=
 PROPERTIES_FILE=keygen.properties
 while true; do
@@ -65,7 +65,7 @@ echo "Generating SSL Key Pair..."
 keytool -genkeypair -v \
 -alias $SERVER_KEY_ALIAS \
- -dname "CN=$HOSTNAME, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
+ -dname "CN=$DOMAIN_SUFFIX, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
 -keystore $SERVER_FILE_PREFIX.jks \
 -keypass $PASSWORD \
 -storepass $PASSWORD \
@@ -95,7 +95,7 @@ if [[ $COPY = true ]]; then
 read -p "Do you want to copy $SERVER_FILE_PREFIX.jks to server directory? " yn
 case $yn in
 [Yy]) echo "Please, specify destination dir: "
- read -p "(Default: copy_dir): " dir
+ read -p "(Default: $SERVER_KEYSTORE_DIR): " dir
 if [[ ! -z $dir ]]; then
 DESTINATION=$dir;
 else
diff --git a/tools/src/main/shell/securemqttclient.keygen.sh b/tools/src/main/shell/securemqttclient.keygen.sh
index c85f2ff356..4d986cdac9 100755
--- a/tools/src/main/shell/securemqttclient.keygen.sh
+++ b/tools/src/main/shell/securemqttclient.keygen.sh
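Review bot: The prompt in the third keygen.sh hunk now advertises `$SERVER_KEYSTORE_DIR` as the default, but the `else` branch that applies the default lies outside the hunk, and the first hunk of this file sets `COPY_DIR=` to empty. If that branch still assigns `DESTINATION` from `COPY_DIR`, pressing Enter at the prompt would copy the key store to an empty path. Please confirm the fallback is `DESTINATION=$SERVER_KEYSTORE_DIR` and that `SERVER_KEYSTORE_DIR` is defined in keygen.properties, whose visible lines do not show it. Quoting the expansions, as in `if [[ -n "$dir" ]]; then DESTINATION="$dir"`, would also keep a directory name with spaces intact.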
@@ -48,7 +48,7 @@ echo "Generating SSL Key Pair..."
 keytool -genkeypair -v \
 -alias $CLIENT_KEY_ALIAS \
- -dname "CN=$HOSTNAME, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
+ -dname "CN=$DOMAIN_SUFFIX, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
 -keystore $CLIENT_FILE_PREFIX.jks \
 -keypass $PASSWORD \
 -storepass $PASSWORD \
diff --git a/tools/src/main/shell/twowaysslmqttclient.py b/tools/src/main/shell/twowaysslmqttclient.py
index 9ca43c6419..d51df36f09 100644
--- a/tools/src/main/shell/twowaysslmqttclient.py
+++ b/tools/src/main/shell/twowaysslmqttclient.py
@@ -45,7 +45,6 @@ client.publish('v1/devices/me/attributes/request/1', "{\"clientKeys\":\"model\"}
 client.tls_set(ca_certs="client_truststore.pem", certfile="mqttclient.nopass.pem", keyfile=None, cert_reqs=ssl.CERT_REQUIRED, tls_version=ssl.PROTOCOL_TLSv1, ciphers=None);
-client.username_pw_set("TEST_TOKEN")
 client.tls_insecure_set(False)
 client.connect(socket.gethostname(), 1883, 1)
diff --git a/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java b/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
index 5701c71864..da478ebd40 100644
--- a/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
+++ b/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
@@ -52,13 +52,6 @@ public class MqttSslHandlerProvider {
 @Value("${mqtt.ssl.key_store_type}")
 private String keyStoreType;
- @Value("${mqtt.ssl.trust_store}")
- private String trustStoreFile;
- @Value("${mqtt.ssl.trust_store_password}")
- private String trustStorePassword;
- @Value("${mqtt.ssl.trust_store_type}")
- private String trustStoreType;
-
 @Autowired
 private DeviceCredentialsService deviceCredentialsService;
@@ -67,12 +60,12 @@ public class MqttSslHandlerProvider {
 try {
 URL ksUrl = Resources.getResource(keyStoreFile);
 File ksFile = new File(ksUrl.toURI());
- URL tsUrl = Resources.getResource(trustStoreFile);
+ URL tsUrl = Resources.getResource(keyStoreFile);
 File tsFile = new File(tsUrl.toURI());
 TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- KeyStore trustStore = KeyStore.getInstance(trustStoreType);
- trustStore.load(new FileInputStream(tsFile), trustStorePassword.toCharArray());
+ KeyStore trustStore = KeyStore.getInstance(keyStoreType);
+ trustStore.load(new FileInputStream(tsFile), keyStorePassword.toCharArray());
 tmFactory.init(trustStore);
 KeyStore ks = KeyStore.getInstance(keyStoreType);
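Review bot: The trust managers are now initialised from the server key store itself (`Resources.getResource(keyStoreFile)` loaded with `keyStorePassword`), so the certificates held in that JKS become the trust anchors for client authentication, and a deployment that still sets `mqtt.ssl.trust_store*` has those values ignored without any warning. A comment above the `tsUrl` line should state that client certificates must be imported into the key store. The added `trustStore.load(new FileInputStream(tsFile), keyStorePassword.toCharArray());` also never closes the stream; `try (FileInputStream tsIn = new FileInputStream(tsFile)) { trustStore.load(tsIn, keyStorePassword.toCharArray()); }` would. Since `tsUrl` and `tsFile` now duplicate `ksUrl` and `ksFile`, they could be dropped in favour of `ksFile`. The enclosing method starts and ends outside this hunk.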