thingsboard-aplcache
Changes
docker/.env 3(+2 -1)
tools/src/main/shell/keygen.properties 18(+17 -1)
tools/src/main/shell/keygen.sh 6(+3 -3)
Details
diff --git a/application/src/main/resources/thingsboard.yml b/application/src/main/resources/thingsboard.yml
index f74d30d..2889148 100644
--- a/application/src/main/resources/thingsboard.yml
+++ b/application/src/main/resources/thingsboard.yml
@@ -76,14 +76,10 @@ mqtt:
adaptor: "${MQTT_ADAPTOR_NAME:JsonMqttAdaptor}"
timeout: "${MQTT_TIMEOUT:10000}"
# Uncomment the following lines to enable ssl for MQTT
-# ssl:
-# key_store: keystore/mqttserver.jks
-# key_store_password: password
-# key_store_type: JKS
-# TrustStore can be the same as KeyStore
-# trust_store: keystore/mqttserver.jks
-# trust_store_password: password
-# trust_store_type: JKS
+ ssl:
+ key_store: keystore/mqttserver.jks
+ key_store_password: password
+ key_store_type: JKS
# CoAP server parameters
coap:
docker/.env 3(+2 -1)
diff --git a/docker/.env b/docker/.env
index ca7f2b0..534d4e8 100644
--- a/docker/.env
+++ b/docker/.env
@@ -1 +1,2 @@
-CASSANDRA_DATA_DIR=/home/docker/cassandra_volume
+CASSANDRA_DATA_DIR=/Users/admin/data_dir
+#CASSANDRA_DATA_DIR=/home/docker/cassandra_volume
tools/src/main/shell/keygen.properties 18(+17 -1)
diff --git a/tools/src/main/shell/keygen.properties b/tools/src/main/shell/keygen.properties
index d27e0f5..08d6816 100644
--- a/tools/src/main/shell/keygen.properties
+++ b/tools/src/main/shell/keygen.properties
@@ -1,4 +1,20 @@
-HOSTNAME="$(hostname)"
+#
+# Copyright © 2016-2017 The Thingsboard Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+DOMAIN_SUFFIX="$(hostname)"
PASSWORD="password"
CLIENT_TRUSTSTORE="client_truststore.pem"
tools/src/main/shell/keygen.sh 6(+3 -3)
diff --git a/tools/src/main/shell/keygen.sh b/tools/src/main/shell/keygen.sh
index a287292..1572d89 100755
--- a/tools/src/main/shell/keygen.sh
+++ b/tools/src/main/shell/keygen.sh
@@ -27,7 +27,7 @@ usage() {
}
COPY=true;
-COPY_DIR="d"
+COPY_DIR=
PROPERTIES_FILE=keygen.properties
while true; do
@@ -65,7 +65,7 @@ echo "Generating SSL Key Pair..."
keytool -genkeypair -v \
-alias $SERVER_KEY_ALIAS \
- -dname "CN=$HOSTNAME, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
+ -dname "CN=$DOMAIN_SUFFIX, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
-keystore $SERVER_FILE_PREFIX.jks \
-keypass $PASSWORD \
-storepass $PASSWORD \
@@ -95,7 +95,7 @@ if [[ $COPY = true ]]; then
read -p "Do you want to copy $SERVER_FILE_PREFIX.jks to server directory? " yn
case $yn in
[Yy]) echo "Please, specify destination dir: "
- read -p "(Default: copy_dir): " dir
+ read -p "(Default: $SERVER_KEYSTORE_DIR): " dir
if [[ ! -z $dir ]]; then
DESTINATION=$dir;
else
diff --git a/tools/src/main/shell/securemqttclient.keygen.sh b/tools/src/main/shell/securemqttclient.keygen.sh
index c85f2ff..4d986cd 100755
--- a/tools/src/main/shell/securemqttclient.keygen.sh
+++ b/tools/src/main/shell/securemqttclient.keygen.sh
@@ -48,7 +48,7 @@ echo "Generating SSL Key Pair..."
keytool -genkeypair -v \
-alias $CLIENT_KEY_ALIAS \
- -dname "CN=$HOSTNAME, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
+ -dname "CN=$DOMAIN_SUFFIX, OU=Thingsboard, O=Thingsboard, L=Piscataway, ST=NJ, C=US" \
-keystore $CLIENT_FILE_PREFIX.jks \
-keypass $PASSWORD \
-storepass $PASSWORD \
diff --git a/tools/src/main/shell/twowaysslmqttclient.py b/tools/src/main/shell/twowaysslmqttclient.py
index 9ca43c6..d51df36 100644
--- a/tools/src/main/shell/twowaysslmqttclient.py
+++ b/tools/src/main/shell/twowaysslmqttclient.py
@@ -45,7 +45,6 @@ client.publish('v1/devices/me/attributes/request/1', "{\"clientKeys\":\"model\"}
client.tls_set(ca_certs="client_truststore.pem", certfile="mqttclient.nopass.pem", keyfile=None, cert_reqs=ssl.CERT_REQUIRED,
tls_version=ssl.PROTOCOL_TLSv1, ciphers=None);
-client.username_pw_set("TEST_TOKEN")
client.tls_insecure_set(False)
client.connect(socket.gethostname(), 1883, 1)
diff --git a/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java b/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
index 5701c71..da478eb 100644
--- a/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
+++ b/transport/mqtt/src/main/java/org/thingsboard/server/transport/mqtt/MqttSslHandlerProvider.java
@@ -52,13 +52,6 @@ public class MqttSslHandlerProvider {
@Value("${mqtt.ssl.key_store_type}")
private String keyStoreType;
- @Value("${mqtt.ssl.trust_store}")
- private String trustStoreFile;
- @Value("${mqtt.ssl.trust_store_password}")
- private String trustStorePassword;
- @Value("${mqtt.ssl.trust_store_type}")
- private String trustStoreType;
-
@Autowired
private DeviceCredentialsService deviceCredentialsService;
@@ -67,12 +60,12 @@ public class MqttSslHandlerProvider {
try {
URL ksUrl = Resources.getResource(keyStoreFile);
File ksFile = new File(ksUrl.toURI());
- URL tsUrl = Resources.getResource(trustStoreFile);
+ URL tsUrl = Resources.getResource(keyStoreFile);
File tsFile = new File(tsUrl.toURI());
TrustManagerFactory tmFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
- KeyStore trustStore = KeyStore.getInstance(trustStoreType);
- trustStore.load(new FileInputStream(tsFile), trustStorePassword.toCharArray());
+ KeyStore trustStore = KeyStore.getInstance(keyStoreType);
+ trustStore.load(new FileInputStream(tsFile), keyStorePassword.toCharArray());
tmFactory.init(trustStore);
KeyStore ks = KeyStore.getInstance(keyStoreType);