Skip to content

Commit 85bd3d0

Browse files
author
joergboe
committed
Enhance sample HTTPTupleInjectAndView with description for app config usage
1 parent d3b1307 commit 85bd3d0

File tree

3 files changed

+18
-1
lines changed

3 files changed

+18
-1
lines changed

samples/HTTPTupleInjectAndView/com.ibm.streamsx.inet.sample.rest/SimpleInject.spl

Lines changed: 18 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,18 @@ use com.ibm.streamsx.inet.rest::*;
3535
* output/bin/standalone
3636
* Point browser to [https://localhost:1443] and accept the SEC_ERROR_UNKNOWN_ISSUER error and add an exception.
3737
*
38+
* This sample is enabled to use a secure connection by default. The server key and self signed certificate are stored
39+
* in key store etc/keystore.jks.
40+
*
41+
* To enable client authentication with client certificate add parameter `trustStore: "etc/cacerts.jks` to all three
42+
* rest operators and import the client key/certificate file `etc/client.pfx` into your browser certificate manager.
43+
*
44+
* Alternatively the import of the key- and trust-material from an Streams application configuration is supported.
45+
* Add parameter `sslAppConfigName: "streams-certs"` to all tree rest operators and remove `certificateAlias`,
46+
* `keyStore`, `keyPassword` and `trustStore`.
47+
* Generate the application configuration:
48+
* streamtool mkappconfig --description 'server cert and trust store' --property "server.jks=$(base64 --wrap=0 etc/keystore.jks)" --property "server.pass=changeit" --property "cacerts.jks=$(base64 --wrap=0 etc/cacerts.jks)" streams-certs
49+
*
3850
*/
3951
public composite SimpleInject {
4052

@@ -45,7 +57,8 @@ public composite SimpleInject {
4557
certificateAlias: "mykey";
4658
keyStore: "etc/keystore.jks";
4759
keyPassword: "changeit";
48-
//context: "sensors";
60+
//trustStore: "etc/cacerts.jks";
61+
//sslAppConfigName: "streams-certs";
4962
config
5063
// Ensure the operators are in a single PE to have a single web-server
5164
placement: partitionColocation("jetty1443");
@@ -59,6 +72,8 @@ public composite SimpleInject {
5972
certificateAlias: "mykey";
6073
keyStore: "etc/keystore.jks";
6174
keyPassword: "changeit";
75+
//trustStore: "etc/cacerts.jks";
76+
//sslAppConfigName: "streams-certs";
6277
context: "state";
6378
contextResourceBase: "opt/statetest";
6479
config
@@ -72,6 +87,8 @@ public composite SimpleInject {
7287
certificateAlias: "mykey";
7388
keyStore: "etc/keystore.jks";
7489
keyPassword: "changeit";
90+
//trustStore: "etc/cacerts.jks";
91+
//sslAppConfigName: "streams-certs";
7592
context: "wct";
7693
contextResourceBase: "opt/wctest";
7794
config

samples/HTTPTupleInjectAndView/etc/cacerts.jks

971 Bytes
Binary file not shown.

samples/HTTPTupleInjectAndView/etc/client.pfx

2.67 KB
Binary file not shown.

0 commit comments

Comments
 (0)