ENT-2577 Custom SSL props for external Artemis connections (#1549)
* ENT-2577 added additional node config for external artemis ssl config * ENT-2577 update tests for external p2p broker * ENT-2577 rename new config
parent
7a62e65ec7
commit
41f5c530b2
@ -124,7 +124,14 @@ class SNIBridgeTest : IntegrationTest() {
|
||||
"p2pAddress" to "localhost:$advertisedP2PPort",
|
||||
"messagingServerAddress" to "0.0.0.0:$artemisPort",
|
||||
"messagingServerExternal" to true,
|
||||
"enterpriseConfiguration" to mapOf("externalBridge" to true)
|
||||
"enterpriseConfiguration" to mapOf(
|
||||
"externalBridge" to true,
|
||||
"messagingServerSslConfiguration" to mapOf(
|
||||
"sslKeystore" to "${bankAPath}/certificates/sslkeystore.jks",
|
||||
"keyStorePassword" to "cordacadevpass",
|
||||
"trustStoreFile" to "${bankAPath}/certificates/truststore.jks",
|
||||
"trustStorePassword" to "trustpass"
|
||||
))
|
||||
)
|
||||
)
|
||||
|
||||
@ -138,14 +145,21 @@ class SNIBridgeTest : IntegrationTest() {
|
||||
"p2pAddress" to "localhost:$advertisedP2PPort",
|
||||
"messagingServerAddress" to "0.0.0.0:$artemisPort",
|
||||
"messagingServerExternal" to true,
|
||||
"enterpriseConfiguration" to mapOf("externalBridge" to true)
|
||||
"enterpriseConfiguration" to mapOf(
|
||||
"externalBridge" to true,
|
||||
"messagingServerSslConfiguration" to mapOf(
|
||||
"sslKeystore" to "${bankBPath}/certificates/sslkeystore.jks",
|
||||
"keyStorePassword" to "cordacadevpass",
|
||||
"trustStoreFile" to "${bankBPath}/certificates/truststore.jks",
|
||||
"trustStorePassword" to "trustpass"
|
||||
)
|
||||
)
|
||||
)
|
||||
)
|
||||
|
||||
val b = bFuture.getOrThrow()
|
||||
|
||||
val bridge = startBridge(ALICE_NAME, advertisedP2PPort, artemisPort, emptyMap(
|
||||
)).getOrThrow()
|
||||
startBridge(ALICE_NAME, advertisedP2PPort, artemisPort, emptyMap()).getOrThrow()
|
||||
|
||||
// Start a node on the other side of the bridge
|
||||
val c = startNode(providedName = DUMMY_BANK_C_NAME, rpcUsers = listOf(demoUser), customOverrides = mapOf("p2pAddress" to "localhost:${portAllocation.nextPort()}")).getOrThrow()
|
||||
|
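Review bot: The four-entry `messagingServerSslConfiguration` map is written out twice here (for `bankAPath` and `bankBPath`) and twice more in ExternalBrokertests, differing only in the base directory. A small private helper that takes the base path and returns the map would keep the key names and the dev store passwords in one place, so a later rename of a key cannot leave one copy stale. The enclosing test function starts and ends outside the hunks shown.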
@ -52,11 +52,19 @@ class ExternalBrokertests : IntegrationTest() {
|
||||
val p2pPort = portAllocator.nextPort()
|
||||
val rpcPort = portAllocator.nextPort()
|
||||
val broker = createArtemis(p2pPort)
|
||||
val nodeBaseDir = tempFolder.root.toPath()
|
||||
val nodeConfiguration = mapOf(
|
||||
"baseDirectory" to tempFolder.root.toPath().toString() + "/",
|
||||
"baseDirectory" to "$nodeBaseDir",
|
||||
"devMode" to false, "messagingServerExternal" to true,
|
||||
"messagingServerAddress" to NetworkHostAndPort("localhost", p2pPort).toString(),
|
||||
"enterpriseConfiguration" to mapOf("externalBridge" to true),
|
||||
"enterpriseConfiguration" to mapOf(
|
||||
"externalBridge" to true,
|
||||
"messagingServerSslConfiguration" to mapOf(
|
||||
"sslKeystore" to "${nodeBaseDir}/certificates/sslkeystore.jks",
|
||||
"keyStorePassword" to "cordacadevpass",
|
||||
"trustStoreFile" to "${nodeBaseDir}/certificates/truststore.jks",
|
||||
"trustStorePassword" to "trustpass"
|
||||
)),
|
||||
"keyStorePassword" to "cordacadevpass",
|
||||
"trustStorePassword" to "trustpass",
|
||||
"rpcSettings.address" to NetworkHostAndPort("localhost", rpcPort).toString())
|
||||
@ -100,11 +108,19 @@ class ExternalBrokertests : IntegrationTest() {
|
||||
val p2pPort = portAllocator.nextPort()
|
||||
val broker = createArtemis(p2pPort)
|
||||
broker.start()
|
||||
val nodeBaseDir = tempFolder.root.toPath()
|
||||
val nodeConfiguration = mapOf(
|
||||
"baseDirectory" to tempFolder.root.toPath().toString() + "/",
|
||||
"baseDirectory" to "$nodeBaseDir",
|
||||
"devMode" to false, "messagingServerExternal" to true,
|
||||
"messagingServerAddress" to NetworkHostAndPort("localhost", p2pPort).toString(),
|
||||
"enterpriseConfiguration" to mapOf("externalBrokerConnectionConfiguration" to "FAIL_FAST"),
|
||||
"enterpriseConfiguration" to mapOf(
|
||||
"externalBrokerConnectionConfiguration" to "FAIL_FAST",
|
||||
"messagingServerSslConfiguration" to mapOf(
|
||||
"sslKeystore" to "${nodeBaseDir}/certificates/sslkeystore.jks",
|
||||
"keyStorePassword" to "cordacadevpass",
|
||||
"trustStoreFile" to "${nodeBaseDir}/certificates/truststore.jks",
|
||||
"trustStorePassword" to "trustpass"
|
||||
)),
|
||||
"keyStorePassword" to "cordacadevpass",
|
||||
"trustStorePassword" to "trustpass")
|
||||
driver(DriverParameters(startNodesInProcess = false, notarySpecs = emptyList())) {
|
||||
|
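Review bot: Both updated tests cover only the case where `messagingServerSslConfiguration` is present; none of the hunks shown adds a test that a node with `messagingServerExternal` set to true and no SSL block is rejected. Since the commit introduces exactly that rejection in NodeConfigurationImpl, a negative test asserting the "Missing SSL configuration required by broker connection." failure would pin the behaviour. The top-level `keyStorePassword` and `trustStorePassword` entries remain alongside the nested ones, so a short comment saying which pair protects which connection would help the next reader.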
@ -5,11 +5,14 @@ import java.io.File
|
||||
import java.net.InetAddress
|
||||
import java.nio.file.Path
|
||||
import net.corda.nodeapi.internal.config.ExternalBrokerConnectionConfiguration
|
||||
import net.corda.nodeapi.internal.config.FileBasedCertificateStoreSupplier
|
||||
import net.corda.nodeapi.internal.config.MutualSslConfiguration
|
||||
|
||||
data class EnterpriseConfiguration(
|
||||
val mutualExclusionConfiguration: MutualExclusionConfiguration,
|
||||
val externalBrokerConnectionConfiguration: ExternalBrokerConnectionConfiguration = ExternalBrokerConnectionConfiguration.DEFAULT,
|
||||
val externalBrokerBackupAddresses: List<NetworkHostAndPort> = emptyList(),
|
||||
val messagingServerSslConfiguration: MessagingServerSslConfiguration? = null,
|
||||
val useMultiThreadedSMM: Boolean = true,
|
||||
val tuning: PerformanceTuning = PerformanceTuning.default,
|
||||
val externalBridge: Boolean? = null,
|
||||
@ -17,6 +20,16 @@ data class EnterpriseConfiguration(
|
||||
val traceTargetDirectory: Path = File(".").toPath()
|
||||
)
|
||||
|
||||
data class MessagingServerSslConfiguration(private val sslKeystore: Path,
|
||||
private val keyStorePassword: String,
|
||||
private val trustStoreFile: Path,
|
||||
private val trustStorePassword: String,
|
||||
override val useOpenSsl: Boolean = false) : MutualSslConfiguration {
|
||||
|
||||
override val keyStore = FileBasedCertificateStoreSupplier(sslKeystore, keyStorePassword, keyStorePassword)
|
||||
override val trustStore = FileBasedCertificateStoreSupplier(trustStoreFile, trustStorePassword, trustStorePassword)
|
||||
}
|
||||
|
||||
data class MutualExclusionConfiguration(val on: Boolean = false,
|
||||
val machineName: String = defaultMachineName,
|
||||
val updateInterval: Long,
|
||||
|
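Review bot: `MessagingServerSslConfiguration` is a `data class`, so its generated `toString()` prints every primary-constructor property, including the `private` `keyStorePassword` and `trustStorePassword`. Any log line or exception message that renders this object, or the enclosing `EnterpriseConfiguration`, would therefore carry both passwords in clear text. I would override it in the class body, e.g. `override fun toString() = "MessagingServerSslConfiguration(sslKeystore=$sslKeystore, trustStoreFile=$trustStoreFile, useOpenSsl=$useOpenSsl)"`, or make it a plain class. Separately, `keyStorePassword` is passed twice to `FileBasedCertificateStoreSupplier`, presumably as both store and entry password, and that assumption deserves a KDoc line on the class.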
@ -281,6 +281,10 @@ data class NodeConfigurationImpl(
|
||||
rpcSettings
|
||||
}
|
||||
}
|
||||
|
||||
if (messagingServerExternal && messagingServerAddress != null) {
|
||||
require(enterpriseConfiguration.messagingServerSslConfiguration != null) {"Missing SSL configuration required by broker connection."}
|
||||
}
|
||||
}
|
||||
|
||||
override val certificatesDirectory = baseDirectory / "certificates"
|
||||
|
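Review bot: The `require` message in the new check does not name the setting the operator has to add; something like `{ "messagingServerExternal is enabled but enterpriseConfiguration.messagingServerSslConfiguration is not set." }` makes the failure actionable. The P2PMessagingClient section of this commit shows that external brokers previously used `p2pSslOptions`, so existing nodes with `messagingServerExternal = true` will now fail this check at start-up until the new block is added. That is worth an upgrade note in the docs or changelog. The block containing this check begins outside the hunk.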
@ -185,8 +185,13 @@ class P2PMessagingClient(val config: NodeConfiguration,
|
||||
this.maxMessageSize = maxMessageSize
|
||||
state.locked {
|
||||
started = true
|
||||
val tcpTransport = p2pConnectorTcpTransport(serverAddress, config.p2pSslOptions)
|
||||
val backupTransports = p2pConnectorTcpTransportFromList(config.enterpriseConfiguration.externalBrokerBackupAddresses, config.p2pSslOptions)
|
||||
val sslOptions = if (config.messagingServerExternal) {
|
||||
config.enterpriseConfiguration.messagingServerSslConfiguration
|
||||
} else {
|
||||
config.p2pSslOptions
|
||||
}
|
||||
val tcpTransport = p2pConnectorTcpTransport(serverAddress, sslOptions)
|
||||
val backupTransports = p2pConnectorTcpTransportFromList(config.enterpriseConfiguration.externalBrokerBackupAddresses, sslOptions)
|
||||
log.info("Connecting to message broker: $serverAddress")
|
||||
if (backupTransports.isNotEmpty()) {
|
||||
log.info("Back-up message broker addresses: ${config.enterpriseConfiguration.externalBrokerBackupAddresses}")
|
||||
|
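Review bot: `sslOptions` is nullable in the `messagingServerExternal` branch, because `messagingServerSslConfiguration` is declared as `MessagingServerSslConfiguration? = null`, and the value is handed unchecked to `p2pConnectorTcpTransport` and `p2pConnectorTcpTransportFromList`. The NodeConfigurationImpl check only fires when `messagingServerAddress != null` as well, whereas this branch tests `messagingServerExternal` alone, so the two conditions do not cover the same cases. What the transport helpers do with a null configuration is not visible here, but silently building a connection without the intended key and trust stores is the risk. I would fail closed at this point with `requireNotNull(config.enterpriseConfiguration.messagingServerSslConfiguration) { "messagingServerSslConfiguration is required when messagingServerExternal is true" }`. The enclosing function starts outside the hunk.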