...
Policy Management Service
The A1 Policy Management Service uses the default keystore and truststore that are built into the container. The paths and passwords for these stores are located in a yaml file:
oran/a1-policy-management/config/application.yamlpasswords for these stores are located in a yaml file, with an example is provided in the source code repository a1-policy-management/config/application.yaml
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
#
# ============LICENSE_START=======================================================
# ONAP : ccsdk oran
# ================================================================================
# Copyright (C) 2020 Nordix Foundation. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=========================================================
#
spring:
profiles:
active: prod
main:
allow-bean-definition-overriding: true
aop:
auto: false
management:
endpoints:
web:
exposure:
# Enabling of springboot actuator features. See springboot documentation.
include: "loggers,logfile,health,info,metrics,threaddump,heapdump"
logging:
# Configuration of logging
level:
ROOT: ERROR
org.springframework: ERROR
org.springframework.data: ERROR
org.springframework.web.reactive.function.client.ExchangeFunctions: ERROR
org.onap.ccsdk.oran.a1policymanagementservice: INFO
# org.onap.ccsdk.oran.a1policymanagementservice.tasks: TRACE
file:
name: /var/log/policy-agent/application.log
server:
# Configuration of the HTTP/REST server. The parameters are defined and handeled by the springboot framework.
# See springboot documentation.
port : 8433
http-port: 8081
ssl:
key-store-type: JKS
key-store-password: policy_agent
key-store: /opt/app/policy-agent/etc/cert/keystore.jks
key-password: policy_agent
key-alias: policy_agent
app:
# Location of the component configuration file. The file will only be used if the Consul database is not used;
# configuration from the Consul will override the file.
filepath: /opt/app/policy-agent/data/application_configuration.json
webclient:
# Configuration of the trust store used for the HTTP client (outgoing requests)
# The file location and the password for the truststore is only relevant if trust-store-used == true
# Note that the same keystore as for the server is used.
trust-store-used: false
trust-store-password: policy_agent
trust-store: /opt/app/policy-agent/etc/cert/truststore.jks
# Configuration of usage of HTTP Proxy for the southbound accesses.
# The HTTP proxy (if configured) will only be used for accessing NearRT RIC:s
# proxy-type can be either HTTP, SOCKS4 or SOCKS5
http.proxy-host:
http.proxy-port: 0
http.proxy-type: HTTP
# path where the service can store data
vardata-directory: /var/policy-management-service
config-file-schema-path: |
There is also Policy Management Service's own cert in the default truststore for mocking purposes and unit-testing (ApplicationTest.java).
...