Commit ddcb54e4 authored by Luca Cinquini's avatar Luca Cinquini
Browse files

Updating ESGF CA certificate bundle and fixing problem with ATS endpoint.

parent b7eb17a9

docker-stack.yml

+0 −6
Original line number Diff line number Diff line
@@ -48,8 +48,6 @@ secrets: 
    file: $ESGF_CONFIG/httpd/certs/cachain.pem

  httpd_esgf-ca-bundle_crt:

    file: $ESGF_CONFIG/httpd/certs/esgf-ca-bundle.crt

  #httpd_esgf-ca-bundle_crt-orig:

  #  file: $ESGF_CONFIG/httpd/certs/esgf-ca-bundle.crt-orig

  httpd_hostcert_pem:

    file: $ESGF_CONFIG/httpd/certs/hostcert.pem

  httpd_hostcert_pkcs12:
@@ -107,8 +105,6 @@ services: 
        target: /etc/certs/cachain.pem

      - source: httpd_esgf-ca-bundle_crt

        target: /etc/certs/esgf-ca-bundle.crt

      #- source: httpd_esgf-ca-bundle_crt-orig

      #  target: /etc/certs/esgf-ca-bundle.crt-orig

      - source: httpd_hostcert_pem

        target: /etc/certs/hostcert.pem

      - source: httpd_hostcert_pkcs12
@@ -317,8 +313,6 @@ services: 
        target: /etc/certs/cachain.pem

      - source: httpd_esgf-ca-bundle_crt

        target: /etc/certs/esgf-ca-bundle.crt

      #- source: httpd_esgf-ca-bundle_crt-orig

      #  target: /etc/certs/esgf-ca-bundle.crt-orig

      - source: httpd_hostcert_pem

        target: /etc/certs/hostcert.pem

      - source: httpd_hostcert_pkcs12

esgf_config/esg/config/esgf_ats.xml

+1 −1
Original line number Diff line number Diff line 
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<ats_whitelist xmlns="http://www.esgf.org/whitelist">

    <attribute type="wheel" attributeService="https://esgf-node.jpl.nasa.gov/esgf-idp/saml/soap/secure/attributeService.htm" description="Administrator Group"/>

    <attribute type="wheel" attributeService="https://my.esgf.node/esgf-idp/saml/soap/secure/attributeService.htm" description="Administrator Group"/>

</ats_whitelist>

esgf_config/httpd/certs/esgf-ca-bundle.crt-orig

deleted100644 → 0
+0 −1315

File deleted.

Preview size limit exceeded, changes collapsed.

scripts/change_hostname.sh

+1 −0
Original line number Diff line number Diff line
@@ -18,6 +18,7 @@ echo "Changing hostname to: $ESGF_HOSTNAME" 
sed -i.back 's/my\.esgf\.node/'"${ESGF_HOSTNAME}"'/g' $ESGF_CONFIG/esg/config/esgf.properties

sed -i.back 's/my\.esgf\.node/'"${ESGF_HOSTNAME}"'/g' $ESGF_CONFIG/esg/config/esgf_idp_static.xml

sed -i.back 's/my\.esgf\.node/'"${ESGF_HOSTNAME}"'/g' $ESGF_CONFIG/esg/config/esgf_shards_static.xml

sed -i.back 's/my\.esgf\.node/'"${ESGF_HOSTNAME}"'/g' $ESGF_CONFIG/esg/config/esgf_ats.xml



# change apache httpd configuration

sed -i.back 's/my\.esgf\.node/'"${ESGF_HOSTNAME}"'/g' $ESGF_CONFIG/httpd/conf/esgf-httpd.conf

scripts/generate_certificates.sh

+1 −1
Original line number Diff line number Diff line
@@ -29,7 +29,7 @@ fi 
mkdir -p $ESGF_CONFIG/esgfcerts

cd $ESGF_CONFIG/esgfcerts

cp ../esg/config/tomcat/esg-truststore.ts ./esg-truststore.ts

cp ../httpd/certs/esgf-ca-bundle.crt-orig ./esgf-ca-bundle.crt

cp ../httpd/certs/esgf-ca-bundle.crt ./esgf-ca-bundle.crt



# generate host private key hostkey.pem, certificate hostcert.pem

echo ""