From 83bc97bb0259855ad89e29bde9ca6c352cc18768 Mon Sep 17 00:00:00 2001 From: Sambo Chea Date: Wed, 20 Apr 2022 17:24:51 +0700 Subject: [PATCH] Add generate server cert and add ssl for application --- api/src/main/resources/application-demo.yml | 2 -- api/src/main/resources/application.yml | 10 ++++++++++ api/src/main/resources/keystore/server.jks | Bin 0 -> 4393 bytes api/src/main/resources/keystore/server.p12 | Bin 0 -> 4393 bytes generate-server-cert.sh | 18 ++++++++++++++++++ 5 files changed, 28 insertions(+), 2 deletions(-) create mode 100644 api/src/main/resources/keystore/server.jks create mode 100644 api/src/main/resources/keystore/server.p12 create mode 100755 generate-server-cert.sh diff --git a/api/src/main/resources/application-demo.yml b/api/src/main/resources/application-demo.yml index d814c5a..e69de29 100644 --- a/api/src/main/resources/application-demo.yml +++ b/api/src/main/resources/application-demo.yml @@ -1,2 +0,0 @@ -server: - port: ${APP_PORT:8080} \ No newline at end of file diff --git a/api/src/main/resources/application.yml b/api/src/main/resources/application.yml index 2773bb1..a162a25 100644 --- a/api/src/main/resources/application.yml +++ b/api/src/main/resources/application.yml @@ -1,3 +1,13 @@ +server: + port: ${SERVER_PORT:8080} + ssl: + key-store: ${SERVER_SSL_KEY_STORE:classpath:keystore/server.jks} + key-store-password: ${SERVER_SSL_KEY_STORE_PASSWORD:cubetiq} + key-password: ${SERVER_SSL_KEY_PASSWORD:cubetiq} + enabled: ${SERVER_SSL_ENABLED:true} + compression: + enabled: ${SERVER_COMPRESSION_ENABLED:${server.ssl.enabled}} + spring: profiles: active: ${APP_PROFILE:demo} diff --git a/api/src/main/resources/keystore/server.jks b/api/src/main/resources/keystore/server.jks new file mode 100644 index 0000000000000000000000000000000000000000..fc137117024f4715f8e25a931bc20e2707097131 GIT binary patch literal 4393 zcma)8WmFUjw`B%qVCWh`x+H}mhLn;n5hNupAxL)!DBU0+(nw2p4ly7xmmE^Mk?s)b z_VB%#kgezP*{E`5G4af~99>oeK9{L0K z!Gdvl{}+YJfEA2O^9QE#R5YY6KBrx+lRofrsUgyDm6{@W1<0b#)Cz!0-=Wq=hX7Jv(jIPjD~ zxRZq7dFVNkY2U%d7AqL?DydO_+#o&3F0 zz?@!r=aG;T;b=!f@Q_Lc=35PQ*+AH;;48CKygaoOpu55RI^SmhbVzD5T>Tb^^jAg5 ztj*OPNPGV}Q6&uHc;Fb}7g<)afe)i6H6ookvic zH;W~YIo39we~)ebLOX;gM$?VGgxnEMai%xjG4E$8Nn_jXe`KAjzIl6b*C8MQXWb6` zR5M7ymgmebw8U1r@yW8gv(MCJV|qI6dp}*qBuhsJZJapG&udZ0xi|ZAoby&_(`Gh2 zaI!J{*S)ILDK5-v=;I=Zhva9%ia%NHx<{hGk4@n`PzC0`OEM}LIh&Nzi zzNJECb{sTx^V`NxJWSGDJ%yWzDLu1GO8bK6!Jf1fGw68rX}zw=SX{rfQ){giQ0m&ZgUVe;;|Cq(cSb^E z7I2;KbNsQ(QFkd&^pH3J<5>8DCW9eWT%AX}Qj)3=h&P7gz`Z~=4Q9yYRYhJX?-mhan$isx>MH0HsM-EOb2UK|z|qzvTg zFU_am(J5+QEa&dOUhQB-Evv4Ywf!i|yLyqqcIJ~zozPzFmNGnXm}1$#njTgduKcU0 zin>VS)>G_3TA05=DArrT|26eh0-Mu9W!p$7yez%g!rHP*JB1*}L)GZ?;Yed@1EJ5D zUdI$6byZl9wpLBcp)42W@ErPLC1d5+IojC4yjE$@gktlpPS+;A%gWfmQ6WN)v*8D% z5Xtpq>(YW*!ipB@McGx+>DaJLfB!QjJeWsv)aZ6zM>1n1ewyy)s}Vx1(O4ghcsLCV zeDjF=BRT1wi21Tol7-I#lrK0ekpJ3db*SN;!}b{-83wU7=SC;)vPx^o`)0jojKdQ* z6#O3ve!$2~@+KtQkB9qTDjkfv-lff^DwH}nS~kK)Q1dFF%3o3PceA8uiR0ZO#F7=s zw+I1zD*T;-smLIw<~(ICrl%dg)2jNdlU7Za4C^(~P^C;Vks_Z??k}CgYMeVW5ZQod z8q7RI+l;q)so|T*wyY%l)2}hq^trNzn%VY6hnJs=cqgJmMl2P(OXoj&k_ox*X3x_O zO4D^v9#wFr#><0w^|aBGaVO_NL|OxRrI0icvC=YDc{!GzSJuc0(@bu(XuzX=Ic27= z8K#$U9bt2f{mBqc7*lBp?(KkOmR8&c(L1xtnUZWW9Jrb;0ji9o~&k-r6k5yMU zm;gLouQ1j27sPN4$9Gr8zjB{sW)yj^Dic0j_Y+y;cyk?*sFdp^n{pV?tg8!WH~AUS z#s9_*3ZJ8^?wP)ip>QJ>qp9@BmrMdg&M|lnjqq3pcXc-rL`x<)jc><}-fC-T($GBo zuql7eD1u&${~lp;e|&{WZiLf4?Rv1m%s0hl^|w@hY3cLFVgI3Eu#9~ z=1k8nOf?WpXFp)~g(sao?BQ0uOZ%BNryvGZsv0FUAIDvPtMZNH=~9mU z`X$A5^P1ZNxUA6LS4&ng)Pt)U+YYwM5_yG#D|@h7+|(v@&P`0YsSs%Kc=?Fu4{6sSZw>VTs6ADDiqEAaAo4rpl0A2$O8YP|4xY-HGa$nz2da3;@NUPf zM`0e$V$%sV!QaL!8fI>}fJD6u1IRTJ1@oT}JXs^nb9g~eW`umx%UJz369@R1l}1mr z=yzgTHWH$oMnEILbA(Vzw7q%UaR~SI@6v3Pbdm1Q%P&K9k$v){?_ZMNXytgDc(YhR z(J{>2IXGOoZ%}|_8ktP=p-Pj8Yk{>yE2|D_92fhQkp!>UB_&;z{r=7Tgz5y|RfkLW zx2rG}%Zv@XKF0MZnqd4n_`(%em6<)d?n+?ks$PS`lnQ=_r6P#l`4n0w<44t3Y|`bq zXbNf~$T9OpNShd5jPueec)Q{jZjyCdv<4=ijG7N>ICL>r8+Iwa(blH73x)h@`JDNi z(DI2?HTDxy4a)J~dY_sS%}Wun2GqEZx}T@`ROt9exbs%ge3nPiw^m3ylPv|I$&74?LFTnSPRJBXbNfP3Wk z$k?_JYYyCUZCW+V%Kxx2S2~T1tvT`EaI7B~>8WsHBOtXE$rdh|@ z5J?1hQ|pRf74*3x+gS-?i7Vptxs40w^d*bUazSVPoTNpH7lZC$vCHvvRPj{t7p~|6 zmVtpy!z{g{1nk)tkMdwDcFwhB#{?Xj1a7dUnF+OC^khwCt_6EF7#eQ;jG9l(L3*YPK&k(JQ?{>IiNd!yVgN<>Z4 z>-EY(p#^%(5Ot*Yp%A9TwsPE?`56OMT>?6`_1+^XzMLcaF}Sg{T!?uZ8KQkWPN8iB zSwIgRj(b``Yiku!Z`{bChYgx7Xw)4pP%!??K*Q1dIBvADJK<<95+-)z*TH$kSh)FU z=L2^J$$R!%ENKn9nIO{~_5k9~l(Z>qf|Oh3b(Zi%V~Y$6q`W_b2(E}G43{NKW7=dJ z2MOhBD+3)xKN%~slAPm^m{%+B>4BcvnAf-@cv(NU~)9Q!3W;eY=)4Gacj&@pLfXVL=2UQdf0s1}Heh2k-k5ivX||72xT z$gAS#UzL2QTefSs=3zkedtaU)eY@n41K3cipAQ0JS8Z`^`@(Ss$+(7y`hD(DvRfZj z;<*DX>DzCQ$D3JmAoQC`kh$pnymkWB{zE-l#f4Rp3P0IryN=7CLU7kQlY86>RQdPyMO26z;Hkp{>5@tE#HF#%DD5vLG7CuhC0^f5^zpBSLKZ0#> zaH9u4V91PCEQ@uyFfcLhT)>y=%V;VLxNl~Htb$^PR^34mw{(feC2Fs{m*ItslC)gZ zmfb%+!lXW4f2W8Z%v1oB>owiJpM7QL{pvg)rcTj&Li#!#M#G#85|!um+*`uMplRLWMAbR=Y8vLxM^ z$IvX0d6WC`sYc#Ke%5u=K|$SCyQbux)4&}|F@4pziv`GGznFEaBO)hu(5UpFA5DVk zzc_&`e;K`P=A9Z-%nvkmVa79+VGxVDja$zCddy*I9U-b}?2XlOM&s7TX9l6>@!VZf z^>*IvXYjd@i%iMl!mHJD6FB!How3-6b%M}rW!g8&GlM2>2wUBZWtY8s@5ST2?ZmGk z2U3|6iX*fP+P=P4{#IFE(U)`c`2<<9_cUj0T19)HmQ1H-u=Fu4E(I1Z+Z-J(BlW}B zl~PCnEh&E-ljpHH;Yp4HYU4=W5C?PR$|Zd9rO&ohSi7qXL?&id5{Ye1bw&uC(9oJNJG)#~hDA&qPtI`=9mT1}y9v zUDLmKsqc89a~%i$Drt=|nR%nkN)#9`DZb(sd*SLX)0J@j+_+;imbR9|&h=Fj?p+g| zPbZt}8UrufA|wb*l1>e&`_{S1Vlp>|Wb!}c3Yg5)(8bZ9gxOESc5*s1ZRLNos~0Ln zb^}hs-!D(S;AX6^bB+AgP^6Xqw0i=O^G#It2s#^~yBg5Fta`3jdggec zhh-o!q#h4k{KyK&7Cn$QE)2c+X z-l6pRA+_dji;31Lswj#%F&CPY~>-J?Qv+Wj3g(|yJS0`NtTt3x{H34ju!Dk z^esh;d}rDUxj;M*r{>RSd}Tsg4X=d_X$;ZE38a0Op9Z8~vhVtyPc`$(3{9_$?GtRX zB^sa}Lt7%50zbDZY>GM0RZ8*xc}BkmoWuQY+Za(=@ZNSNMTU7!ckzWHWA9%+gPHYf zBMOtC*P8}lk!R;lITDJwZJmQ~C*_Ze+1;aKnCTa7c&+b*SADcCn5U4mYN>-!J6|<< z6FQuHFEMb8>9xko;v&^0bUwE(bV;hebz!0R@>^L5Mqm(RqfE8-TwJTNjv((&?q|(p zcz!+omBQX~6w3^LY|WO78q%T*by_D03#9O;|7MK+-V7~ooSMztf$jTAbm#;(Vt{)j zFg&c27|L|E^4`gr;=3~X7;oL@K(VG$v>3VnEGXSWOj-3u6m6pZ!kng*n!ANChYu1a z1!ICiz#wiyOyCm`1{QfDADQ-OJeP&ProP6Hju+530~PI9|GDelbBCI4N?-~wP+ zIUA>wf&EF!Th{YZ*MOx9^GatQAdr^|2w;bkL5TnRBM?eR0B3Vht~7qRb1QQo$UX&(gzC4WpJELh)1rJTlM}OV{YDq2H)%9rEM-^Y9q~$kr6V49 zpPmRgqAAr-?Yj8%hzo$LekSFY(`B@p zC>NpEYsXCL7}K_dWHGjz4Ca>)JQt zGkd(5vgGfeMOxf9^76&AJ6q1ON`|RMyMJQZX~vui6RV0^TRtcj^y$^?p6<_2)s1r7 zH&=^ap57s)sOq-exLk?bD~d|YUr$1W+_%1oCK=YCZUqbFM5mp*ux7sTNFykPL`d{lialMeHqG>|IsB&%Yf<` zYq`-9<-?g4jRz$t3-8*9H-bSb>tVHx0UH8=9?99r{!}}#4HhWcFQ^`$uyO2kmY9D| z!#7WvWo`0M{hZ&l>5|5EEne0+G_Y_#Dz4=xr*2a$cyu2f-m)OT-JCxPPl?ToQ<}~+7XdfM>&6zKpm?k>><%lC+rsf3c{fIE)U92-#!3aJ}kc;_l9qyi1 z?=L9*)|_EBEbAw`xRQTpjJw!3{ZO;D=X_@{=4nHl+~F7n6r#aDJqilJ}o$Bh;awS-(TWV}fJ89VGc28P|he7wn?x z(rQBZ2%Sv^$d6fD&Kva{fqh7sNr!z8AedfH7zTu`Sd5rnOXGl>lM0L>=d7nSdlK__+4p%IsqziirxjIe*k_}?*JAN-C7(6mSZ%30uyvN&|=6N#K z!W~C8Sg*49LxYo(Ue8hv6g-@qc52^Vb>55Zhed`Dq?K_MUsk_#vwRIHffmQ=rHm)a zkdFSQSA|Z+aq~i3@MJ8cq428921{!J7*%F(zs2Q{3VycSu!WU;YDrDP=xl1JanJYw&kiPhD8(oSEwM3kF#nuQ-qFFglT1`0wS1?&GP%z9G8YL)61GjO%m*CUp+&HJmw$F(qWVEmK-a+xgf#!<8u?P%!l(%^-p53zg4LZEfKzknb@(Gtx^&PB z9*F4Y1956gD`VP&S6?NLDiXi@{w(zqf8mar)f;h#!=vlcKPioTzE#Rf4Njp0Z(BQd z&IGar$!YS^65PE)RmFUAN=0=JJ>=$`qJjyFID#~@VCaHbIlbQ!uE57(rVTls9-w1vw4k}@ij(Nx*WpM9WQ@844fqyaEh_EpnONJw4eP zribTm$TSfIx0Uu)PF_*u98)CcAcnA$6tr^h4{`;*hDnnp^rVi`9WYE;YOwXw1d=?x z$F0wht+_VMTGQ0woS(xHDiYN+!KUriB#X0IH674l_< zGS!7;Y8?^#>@92ud}H74BvZji^A)r!ay^OA!cEccCOr2b9p!z<%`g@)mLaHphCDK> z)os&K^eG@C+gunSt}^vi+DrNdYbu=X%y-OtV_nN4*mEzL$%c{_6kuh~e)loIj+;D7 zGhy+DXopobF3gQ*s%1?vR{uM~6_@e;An56*1)L>yujbVx4{`SI615%KMwKs36rYL| z?jC=I4He^$+k3rjBksVadrMuW*@W+%lTHR!M(nGy;ckRt{yPn}(?uT%Z3z zXq2wwU(wQ>_jYYlY8%3;O9#=JVW-(EJ4T*Oz8XySw_9bsBgng_uPll9o`zi6JS9X% zMTYS2{N-BZM_OifZL25l5dG7yI&GcYM<`Cgj$D7tMzX*t#jp(+h&d_u3zj=t@8V2; ziFZdeJ+U7EXFpJ)BiMN4mlr-&4r}<+N|k_GY}owc=tYDz88W zI{b0FAyPiqya+_To`G;1=}`R45xI-1(d$0V;%bvmc-!4y6*k=~<0>R4wHR-ZE|tyT z-k?CrhQ>|xhyRjE4&%AKO)r{YBpNSd!>a~0>bV`=oLI~iLR6tykVo_Is5`WzuY zW~TjxW8z!=?WPb#zpoTnc_sc=9?7nYqp;)oTqGKC z?=OI^ga|xDu<*!GQLySYgt&37_QX3f8t*&rkyoXB+TV9i@U{9d|62MN3;km9(eF$+ zCA>b)8h`(LBWOt9j8LwiDJ#Kgq3mm*|0aX1?!^$nQ$uG;)BoT-n4c`$9--Q=j{*Oek7twz2H)vD@8-D)OZK({zo?W;W zi$?8N4DoE7qaV?Dp=a`*5XN(md*~k9wk8p}>Eu!+yo>=a z-*1Y{2(e423MYA38KCP4Sodo3@L^|Xy~93pSr8^JN`EG>p!+2Qd*urDllVyMtHtZE zqTapO>o9zJa>>nI%wonU$zI$(j3ZatXM00ZBrB4B^S&596ggA31=id@J+X#LW~$Nw-{dc5 zv$e5)?P6bGb_(Zi98&2P!G2;;=m;8$K})ox$1gdg>1d)NXm75R_q?RFCnP3uv@}D9 z8J#CVbUc0&!1Caz5u$9*S9z6i zqcO&oP5xS170yzg8{DJZ{Xcp;yVC=gV>tx9;tY%8r6QFQYWo za}DX>F2O|>pXk=?tATU(6es|e;{=3s`gm}8w&-i_#vj|e`$nXZ~_O`yx zEq3kEY8?{*^z&6}bnHl*_5U~=GNBtQO81vnAxYuiL+9933WamV1OQrW;J$*PjG z-JOGkfbCc~d+Ar&xbbIP>E$&f=gt#pBVkF*Vx68ws$``qs_iuzvNU2y1w8@7Q9{TH zTn^3whe8MiC_q3aLIN->;p?F>2a{mOT&+f>gIv7w`f%wM7$)wZ`}9RKXj9p|^PQvB P$OXRWQx6aXh$;9Fdg(k= literal 0 HcmV?d00001 diff --git a/generate-server-cert.sh b/generate-server-cert.sh new file mode 100755 index 0000000..56cea7f --- /dev/null +++ b/generate-server-cert.sh @@ -0,0 +1,18 @@ +#!/bin/sh -e + +CERT_NAME="${1:-server}" +CERT_SIZE="${2:-2048}" +CERT_DAYS="${3:-3650}" +DEST_DIR="${4:-./}" + +echo "Create directory ${DEST_DIR}" +mkdir -p "${DEST_DIR}" + +echo "Generating server keystore ${CERT_NAME}.p12 with size: ${CERT_SIZE} days: ${CERT_DAYS}" +keytool -genkeypair -alias ${CERT_NAME} -keyalg RSA -keysize ${CERT_SIZE} -storetype PKCS12 -keystore ${DEST_DIR}${CERT_NAME}.p12 -validity ${CERT_DAYS} + +echo "Generating server keystore ${CERT_NAME}.jks with size: ${CERT_SIZE} days: ${CERT_DAYS}" +keytool -genkeypair -alias ${CERT_NAME} -keyalg RSA -keysize ${CERT_SIZE} -keystore ${DEST_DIR}${CERT_NAME}.jks -validity ${CERT_DAYS} + +echo "Import keystore ${CERT_NAME}.jks into ${CERT_NAME}.p12" +keytool -importkeystore -srckeystore ${DEST_DIR}${CERT_NAME}.jks -destkeystore ${DEST_DIR}${CERT_NAME}.p12 -deststoretype pkcs12 \ No newline at end of file