Merge pull request #17 from Axway-API-Management-Plus/domaincert

rathnapandi · web-flow · commit d3e12eb0931c · 2021-02-04T10:35:14.000-07:00
Fix #15
diff --git a/README.md b/README.md
@@ -279,6 +279,9 @@ $./run.sh publish/publish.py -i /home/axway/apim-policy-password-cert-env/src/ma
 ```
 The above script connects to local Node manager and deploys the new LoadableModule. If  Node manager is running on some other machine, add url. Also, the username and password is hardcoded to default values, use the username and password parameters to provide new value. 
 
+Guide to Externalize EMT Admin node manager and gateway domain certificates - [domain certs](domain.md).
+
+
 ## Contributing
 
 ![Contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen)  
diff --git a/domain.md b/domain.md
@@ -49,12 +49,6 @@ keyUsage = digitalSignature, dataEncipherment, keyAgreement, keyEncipherment
 extendedKeyUsage = serverAuth, clientAuth, 1.3.6.1.4.1.17998.10.1.1.2.1, 1.3.6.1.4.1.17998.10.1.1.2.2
 subjectAltName = @alt_names
 
-[node_manager_extensions]
-basicConstraints = CA:FALSE
-keyUsage = digitalSignature, dataEncipherment, keyAgreement
-extendedKeyUsage = serverAuth, clientAuth, 1.3.6.1.4.1.17998.10.1.1.2.1
-subjectAltName = @alt_names
-
 [gateway_extensions]
 basicConstraints = CA:FALSE
 keyUsage = digitalSignature, dataEncipherment, keyAgreement
@@ -83,7 +77,7 @@ openssl pkcs12 -export -in signedbyCA.crt -inkey dss-key.pem -out domain.p12 -ch
 
 - Prepare Admin Node Manager fed file
 
-    - Export Admin Node manager fed from classic installation, remove existing topology-cert and change remove / rename port name without blank space (e.g sslport)
+    - Export Admin Node manager fed from classic installation, remove existing topology-cert and rename port name - "Management HTTPS Interface". The name should not contain any blank space (e.g sslport)
 
     - Import loadable module
   Policystudio using File -> Import -> Import Custom filters -> select apim-policy-password-cert-env/src/main/resources/typeSet.xml.
@@ -159,7 +153,7 @@ command creates a file named signedbygatewayCA.crt
 openssl pkcs12 -export -in signedbygatewayCA.crt -inkey dssgateway-key.pem -out topology.p12 -chain -CAfile CA.pem -name 'topology-cert' -passout pass:
 ```
 
-- Prepare Admin Node Manager fed file
+- Prepare API Gateway fed file
 
     - Import loadable module
       Policystudio using File -> Import -> Import Custom filters -> select apim-policy-password-cert-env/src/main/resources/typeSet.xml.
diff --git a/src/test/java/com/axway/ExternalInstanceDomainCertTest.java b/src/test/java/com/axway/ExternalInstanceDomainCertTest.java
@@ -21,7 +21,7 @@ public class ExternalInstanceDomainCertTest {
     public void testCerts(){
         try {
             PKCS12 pkcs12 = certHelper.parseP12(new File(ClassLoader.getSystemResource("topology.p12").getFile()), "".toCharArray());
-            File certsXml = new File("src/");
+            File certsXml = new File("src/test/resources/");
             certsXml = new File(certsXml, "certs.xml");
             externalInstanceDomainCert.certsFile(pkcs12, certsXml);
         } catch (KeyStoreException e) {
@@ -39,7 +39,7 @@ public void testCerts(){
 
     @Test
     public void testUpdateMgmtFile(){
-        File file = new File("src/mgmt.xml");
+        File file = new File("src/test/resources/mgmt.xml");
         try {
             externalInstanceDomainCert.updateMgmtFile(file, "cn=dss");
         } catch (ParserConfigurationException e) {
