Development summary of uui-server supporting HTTPS

1.  Background:

As the back-end micro service supporting the UI interface display, uui-server not only needs to provide rest API for the uui-ui display, but also needs to call so, AAI and other rest API provided by MSB.

Previously, the uui-server only supported HTTP mode, but now it needs to develop corresponding functions to make the uui-server microservice support HTTPS mode.

We need to support the development of HTTPS from the following two aspects:

  • When uui-server is required as the client, it supports to access the API provided by MSB through HTTPS.

  • When uui-server is required as the server, the API of HTTPS is provided for the call of uui-ui.

2.  uui-server as client:

2.1. Java Code:

When uui-server is the client, okhttp is used for digital verification. Okhttp provides sslsocketfactory (sslsocketfactory sslsocketfactory, x509trustmanager trustmanager) method to verify the digital signature.

 

RestfulServices.java                                                                                                      

OkHttpClient okHttpClient = new OkHttpClient.Builder()
    .connectTimeout(20, TimeUnit.SECONDS)
    .readTimeout(20, TimeUnit.SECONDS)
    .sslSocketFactory(getSSLSocketFactory(), new CustomTrustManager())
    .hostnameVerifier(getHostnameVerifier())
    .build();

String msbUrl = getMsbAddress();
Retrofit retrofit = new Retrofit.Builder()
    .baseUrl("https://" + msbUrl + "/")
    .client(okHttpClient)
    .addConverterFactory(JacksonConverterFactory.create())
    .build();

 



2.2. OOM Code:

We need to modify the msb-iag parameter in the values.yaml file to support HTTPS. The value of 443 means using HTTPS to access the API provided by MSB.



values.yaml:

msbaddr: msb-iag.{{include "common.namespace" .}}:443

 

3.  uui-server as server:

3.1. Generate certificate:

Generate the corresponding certificate use the keytool command, then place the generated file uuiServer.jks in the /resources/keystore directory.

3.2. Configure in application.properties:

server.ssl.protocol=TLS
server.ssl.key-store=classpath:keystore/uuiServer.jks
server.ssl.key-store-password=Aa123456
server.ssl.key-store-type=JKS

3.3. OOM Code:

We need enable SSL in service.yaml, so uui-ui can access the API provided by uui-server through MSB using HTTPS.

 

service.yaml

    msb.onap.org/service-info: '[

      {

          "serviceName": "usecaseui-server",

          "version": "v1",

          "url": "/api/usecaseui-server/v1",

          "protocol": "REST",

          "port": "{{.Values.service.internalPort}}",

          "visualRange":"1",

          "enable_ssl": true

      }

      ]'