Unify certificates

Author: Thanos Ploumis

core/src/main/groovy/noe/server/Httpd.groovy

@@ -50,7 +50,9 @@ abstract class Httpd extends ServerAbstract {
   String cachePath // directory for mod_cache caching
   File postInstallErrFile
   File postInstallOutFile
-  File sslCertDir
+  File sslCertsDir //Path to directory holding ssl certificates
+  File sslPrivateDir //Path to directory holding ssl keys
+  File sslKeystoresDir //Path to directory holding ssl keystores
 
   Httpd(String basedir, version) {
     super(basedir, version)
@@ -67,11 +69,10 @@ abstract class Httpd extends ServerAbstract {
     this.cachePath = this.basedir + platform.sep + 'cache'
     postInstallErrFile = new File(getHttpdServerRootFull(), 'httpdPostInstallErr.log')
     postInstallOutFile = new File(getHttpdServerRootFull(), 'httpdPostInstallOut.log')
-    String sslStringDir = PathHelper.join(platform.tmpDir, "ssl", "self_signed")
-    this.sslCertDir = new File(sslStringDir)
-    this.sslCertificate = new File(sslCertDir, "server.crt").absolutePath
-    this.sslKey = new File(sslCertDir, "server.key").absolutePath
-    this.keystorePath = new File(sslCertDir, "server.jks").absolutePath
+    String sslStringDir = PathHelper.join(platform.tmpDir, "ssl", "proper", "generated", "ca", "intermediate")
+    this.sslCertificate = new File(sslStringDir, "localhost.server.cert.pem").absolutePath
+    this.sslKey = new File(sslStringDir, "localhost.server.key.pem").absolutePath
+    this.keystorePath = new File(sslStringDir,"localhost.server.keystore.jks").absolutePath
   }
 
   static ServerAbstract getInstance(String basedir, version, String httpdDir = '', NoeContext context = NoeContext.forCurrentContext()) {

core/src/main/groovy/noe/server/ServerAbstract.groovy

@@ -98,11 +98,11 @@ abstract class ServerAbstract implements IApp {
     this.serverRoot = basedir
     this.host = (host) ?: DefaultProperties.HOST
     this.ignoreShutdownPort = true
-    this.sslCertificate = getDeplSrcPath() + "${platform.sep}ssl${platform.sep}self_signed${platform.sep}server.crt"
-    this.sslKey = getDeplSrcPath() + "${platform.sep}ssl${platform.sep}self_signed${platform.sep}server.key"
-    this.keystorePath = getDeplSrcPath() + "${platform.sep}ssl${platform.sep}self_signed${platform.sep}server.jks"
-    this.truststorePassword = 'changeit'
-    this.sslKeystorePassword = 'changeit'
+    this.sslCertificate = getDeplSrcPath() + "${platform.sep}ssl${platform.sep}proper${platform.sep}generated${platform.sep}ca${platform.sep}intermediate${platform.sep}localhost.server.cert.pem"
+    this.sslKey = getDeplSrcPath() + "${platform.sep}ssl${platform.sep}proper${platform.sep}generated${platform.sep}ca${platform.sep}intermediate${platform.sep}localhost.server.key.pem"
+    this.keystorePath = getDeplSrcPath() + "${platform.sep}ssl${platform.sep}proper${platform.sep}generated${platform.sep}ca${platform.sep}intermediate${platform.sep}localhost.server.keystore.jks"
+    this.truststorePassword = 'testpass'
+    this.sslKeystorePassword = 'testpass'
     this.pid = null
     setRunAs(loadRunAs())
     this.processCode = String.valueOf(Math.abs(this.hashCode()))

core/src/main/groovy/noe/server/Tomcat.groovy

@@ -42,7 +42,6 @@ class Tomcat extends ServerAbstract implements WorkerServer {
   def rootBasedir
   File postInstallErrFile
   File postInstallOutFile
-  File sslCertDir //Path to directory holding ssl certificates
 
   Tomcat(String basedir, version) {
     super(basedir, version)
@@ -62,12 +61,10 @@ class Tomcat extends ServerAbstract implements WorkerServer {
     this.cfgHost = (cfgHost) ?: ''
     postInstallErrFile = new File(basedir,  'tomcatPostInstallErr.log')
     postInstallOutFile = new File(basedir,  'tomcatPostInstallOut.log')
-    String sslStringDir = PathHelper.join(platform.tmpDir, "ssl", "self_signed")
-    this.sslCertDir = new File(sslStringDir)
-    this.sslCertificate = new File(sslCertDir, "server.crt").absolutePath
-    this.sslKey = new File(sslCertDir, "server.key").absolutePath
-    this.keystorePath = new File(sslCertDir, "server.jks").absolutePath
-
+    String sslStringDir = PathHelper.join(platform.tmpDir, "ssl", "proper", "generated", "ca", "intermediate")
+    this.sslCertificate = new File(sslStringDir, "localhost.server.cert.pem").absolutePath
+    this.sslKey = new File(sslStringDir, "localhost.server.key.pem").absolutePath
+    this.keystorePath = new File(sslStringDir,"localhost.server.keystore.jks").absolutePath
   }
 
   static ServerAbstract getInstance(String basedir, version, String tomcatDir = "", NoeContext context = NoeContext.forCurrentContext()) {

core/src/main/groovy/noe/tomcat/configure/SecureHttpConnectorTomcat.groovy

@@ -1,5 +1,6 @@
 package noe.tomcat.configure
 
+import noe.common.utils.PathHelper
 import noe.common.utils.Platform
 
 /**
@@ -52,23 +53,22 @@ public class SecureHttpConnectorTomcat extends ConnectorTomcatAbstract<SecureHtt
   }
 
   /**
-   * Configure secure http connector to expect certificates in ${SYSTEM_TEMP}/ssl/self_signed directory
+   * Configure secure http connector to expect certificates in ${SYSTEM_TEMP}/ssl/proper/generated/ca/intermediate directory
    * Expected names:
    *  <ul>
-   *    <li>certificate = server.crt</li>
-   *    <li>key file = server.key</li>
-   *    <li>keystore = server.jks</li>
+   *    <li>certificate = localhost.server.cert.pem</li>
+   *    <li>key file = localhost.server.key.pem</li>
+   *    <li>keystore = localhost.server.keystore.jks</li>
    *    <li></li>
    *  </ul>
    *  Password for keystore, trustore and SSL sets to "changeit" (without apostrophes).
    */
   SecureHttpConnectorTomcat setDefaultCertificatesConfiguration() {
-    String sslRoot = new File(new Platform().getTmpDir(), "ssl").getCanonicalPath()
-    String sslStringDir = new File(sslRoot, "self_signed").getCanonicalPath()
-    String sslCertificate = new File(sslStringDir, "server.crt").getCanonicalPath()
-    String sslCertificateKey = new File(sslStringDir, "server.key").getCanonicalPath()
-    String keystoreFilePath = new File(sslStringDir, "server.jks").getCanonicalPath()
-    String password = "changeit"
+    String sslStringDir = PathHelper.join(new Platform().getTmpDir(), "ssl", "proper", "generated", "ca", "intermediate").getCanonicalPath()
+    String sslCertificate = new File(sslStringDir, "localhost.server.cert.pem").getCanonicalPath()
+    String sslCertificateKey = new File(sslStringDir, "localhost.server.key.pem").getCanonicalPath()
+    String keystoreFilePath = new File(sslStringDir, "localhost.server.keystore.jks").getCanonicalPath()
+    String password = "testpass"
 
     setSslCertificateFile(sslCertificate)
     setSslCertificateKeyFile(sslCertificateKey)

core/src/main/groovy/noe/workspace/WorkspaceAbstract.groovy

@@ -123,20 +123,21 @@ abstract class WorkspaceAbstract implements IWorkspace {
    * Copies self-signed, pre-generated certificates from noe core to ${tmpdir}/ssl/self_signed directory.
    *
    */
+
   void copyCertificates() {
-    List<String> certificates = ["server.crt", "server.jks", "server.key", "server.p12"]
-    String sslStringDir = PathHelper.join(platform.tmpDir, "ssl", "self_signed")
+    List<String> certificates = ["localhost.server.cert.pem", "localhost.server.key.pem", "localhost.server.keystore.jks"]
+    List<String> certificatesPaths = ["ssl/proper/generated/ca/intermediate/certs/", "ssl/proper/generated/ca/intermediate/private/", "ssl/proper/generated/ca/intermediate/keystores/"]
+    String sslStringDir = PathHelper.join(platform.tmpDir, "ssl", "proper", "generated", "ca", "intermediate")
     File sslDir = new File(sslStringDir)
-    String resourcesPath = "ssl/self_signed/"  //resources jar path is always separated by /
 
     if (!sslDir.exists()) {
       JBFile.mkdir(sslDir)
     }
 
     JBFile.makeAccessible(sslDir)
 
-    for (String certName : certificates) {
-      File certFile = Library.retrieveResourceAsFile("${resourcesPath}${certName}")
+    for (int i = 0; i < 3; i++) {
+      File certFile = Library.retrieveResourceAsFile("${certificatesPaths[i]}${certificates[i]}")
       JBFile.move(certFile, sslDir)
     }
   }