Development summary of uui-server supporting HTTPS
- Keguang He
1. Background:
As the back-end micro service supporting the UI interface display, uui-server not only needs to provide rest API for the uui-ui display, but also needs to call so, AAI and other rest API provided by MSB.
Previously, the uui-server only supported HTTP mode, but now it needs to develop corresponding functions to make the uui-server microservice support HTTPS mode.
We need to support the development of HTTPS from the following two aspects:
When uui-server is required as the client, it supports to access the API provided by MSB through HTTPS.
When uui-server is required as the server, the API of HTTPS is provided for the call of uui-ui.
2. uui-server as client:
2.1. Java Code:
When uui-server is the client, okhttp is used for digital verification. Okhttp provides sslsocketfactory (sslsocketfactory sslsocketfactory, x509trustmanager trustmanager) method to verify the digital signature.
RestfulServices.java |
OkHttpClient okHttpClient = new OkHttpClient.Builder()
|
2.2. OOM Code:
We need to modify the msb-iag parameter in the values.yaml file to support HTTPS. The value of 443 means using HTTPS to access the API provided by MSB.
values.yaml: |
msbaddr: msb-iag.{{include "common.namespace" .}}:443 |
3. uui-server as server:
3.1. Generate certificate:
Generate the corresponding certificate use the keytool command, then place the generated file uuiServer.jks in the /resources/keystore directory.
3.2. Configure in application.properties:
server.ssl.protocol=TLS
server.ssl.key-store=classpath:keystore/uuiServer.jks
server.ssl.key-store-password=Aa123456
server.ssl.key-store-type=JKS
3.3. OOM Code:
We need enable SSL in service.yaml, so uui-ui can access the API provided by uui-server through MSB using HTTPS.
service.yaml |
{ "serviceName": "usecaseui-server", "version": "v1", "url": "/api/usecaseui-server/v1", "protocol": "REST", "port": "{{.Values.service.internalPort}}", "visualRange":"1", "enable_ssl": true } ]' |