script fixes & cleanup

2017-01-18 00:48:07 -05:00 · 2017-01-18 00:48:07 -05:00 · 5ff5454033
commit 5ff5454033
parent 044f2a204d
7 changed files with 30 additions and 25 deletions
--- a/application/src/main/resources/thingsboard.yml
+++ b/application/src/main/resources/thingsboard.yml
@ -76,14 +76,10 @@ mqtt:
  adaptor: "${MQTT_ADAPTOR_NAME:JsonMqttAdaptor}"
  timeout: "${MQTT_TIMEOUT:10000}"
 # Uncomment the following lines to enable ssl for MQTT
-#  ssl:
-#    key_store: keystore/mqttserver.jks
-#    key_store_password: password
-#    key_store_type: JKS
-# TrustStore can be the same as KeyStore
-#    trust_store: keystore/mqttserver.jks
-#    trust_store_password: password
-#    trust_store_type: JKS
+  ssl:
+    key_store: keystore/mqttserver.jks
+    key_store_password: password
+    key_store_type: JKS

 # CoAP server parameters
 coap:
--- a/docker/.env
+++ b/docker/.env
@ -1 +1,2 @@
-CASSANDRA_DATA_DIR=/home/docker/cassandra_volume
+CASSANDRA_DATA_DIR=/Users/admin/data_dir
+#CASSANDRA_DATA_DIR=/home/docker/cassandra_volume
--- a/tools/src/main/shell/keygen.properties
+++ b/tools/src/main/shell/keygen.properties
@ -1,4 +1,20 @@
-HOSTNAME="$(hostname)"
+#
+# Copyright © 2016-2017 The Thingsboard Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+DOMAIN_SUFFIX="$(hostname)"
 PASSWORD="password"

 CLIENT_TRUSTSTORE="client_truststore.pem"
--- a/tools/src/main/shell/keygen.sh
+++ b/tools/src/main/shell/keygen.sh
@ -27,7 +27,7 @@ usage() {
 }

 COPY=true;
-COPY_DIR="d"
+COPY_DIR=
 PROPERTIES_FILE=keygen.properties

 while true; do
@ -65,7 +65,7 @@ echo "Generating SSL Key Pair..."

 keytool -genkeypair -v \
  -alias $SERVER_KEY_ALIAS \
-  -dname "CN=$HOSTNAME, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
+  -dname "CN=$DOMAIN_SUFFIX, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
  -keystore $SERVER_FILE_PREFIX.jks \
  -keypass $PASSWORD \
  -storepass $PASSWORD \
@ -95,7 +95,7 @@ if [[ $COPY = true ]]; then
        read -p  "Do you want to copy $SERVER_FILE_PREFIX.jks to server directory? " yn
            case $yn in
                [Yy]) echo "Please, specify destination dir: "
-                     read -p "(Default: copy_dir): " dir
+                     read -p "(Default: $SERVER_KEYSTORE_DIR): " dir
                     if [[ !  -z  $dir  ]]; then
                        DESTINATION=$dir;
                     else
--- a/tools/src/main/shell/securemqttclient.keygen.sh
+++ b/tools/src/main/shell/securemqttclient.keygen.sh
@ -48,7 +48,7 @@ echo "Generating SSL Key Pair..."

 keytool -genkeypair -v \
  -alias $CLIENT_KEY_ALIAS \
-  -dname "CN=$HOSTNAME, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
+  -dname "CN=$DOMAIN_SUFFIX, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
  -keystore $CLIENT_FILE_PREFIX.jks \
  -keypass $PASSWORD \
  -storepass $PASSWORD \
--- a/tools/src/main/shell/twowaysslmqttclient.py
+++ b/tools/src/main/shell/twowaysslmqttclient.py
@ -45,7 +45,6 @@ client.publish('v1/devices/me/attributes/request/1', "{\"clientKeys\":\"model\"}
 client.tls_set(ca_certs="client_truststore.pem", certfile="mqttclient.nopass.pem", keyfile=None, cert_reqs=ssl.CERT_REQUIRED,
                       tls_version=ssl.PROTOCOL_TLSv1, ciphers=None);

-client.username_pw_set("TEST_TOKEN")
 client.tls_insecure_set(False)
 client.connect(socket.gethostname(), 1883, 1)

--- a/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
+++ b/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
@ -52,13 +52,6 @@ public class MqttSslHandlerProvider {
    @Value("${mqtt.ssl.key_store_type}")
    private String keyStoreType;

-    @Value("${mqtt.ssl.trust_store}")
-    private String trustStoreFile;
-    @Value("${mqtt.ssl.trust_store_password}")
-    private String trustStorePassword;
-    @Value("${mqtt.ssl.trust_store_type}")
-    private String trustStoreType;
-
    @Autowired
    private DeviceCredentialsService deviceCredentialsService;

@ -67,12 +60,12 @@ public class MqttSslHandlerProvider {
        try {
            URL ksUrl = Resources.getResource(keyStoreFile);
            File ksFile = new File(ksUrl.toURI());
-            URL tsUrl = Resources.getResource(trustStoreFile);
+            URL tsUrl = Resources.getResource(keyStoreFile);
            File tsFile = new File(tsUrl.toURI());

            TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
-            KeyStore trustStore = KeyStore.getInstance(trustStoreType);
-            trustStore.load(new FileInputStream(tsFile), trustStorePassword.toCharArray());
+            KeyStore trustStore = KeyStore.getInstance(keyStoreType);
+            trustStore.load(new FileInputStream(tsFile), keyStorePassword.toCharArray());
            tmFactory.init(trustStore);

            KeyStore ks = KeyStore.getInstance(keyStoreType);