iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updated configs

This commit is contained in:
Saikat Chakraborty 2022-10-06 19:18:39 +05:30
parent 87c5981736
commit 55639b0add
5 changed files with 40 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
persistence-modules/spring-boot-mysql/mysql-server/convertcerts.sh Normal file
View File

@ -0,0 +1,7 @@
# Convert pem to jks file
mkdir certs
keytool -importcert -alias MySQLCACert.jks -file ./data/ca.pem \
-keystore ./certs/truststore.jks -storepass mypassword
openssl pkcs12 -export -in ./data/client-cert.pem -inkey ./data/client-key.pem -out ./certs/certificate.p12 -name "certificate"
keytool -importkeystore -srckeystore ./certs/certificate.p12 -srcstoretype pkcs12 -destkeystore ./certs/client-cert.jks

9
persistence-modules/spring-boot-mysql/mysql-server/docker-compose.yml
View File

@ -6,17 +6,14 @@ services:
container_name: mysql-db
command: [ "mysqld",
"--require_secure_transport=ON",
"--ssl-ca=/etc/certs/root-ca.pem",
"--ssl-cert=/etc/certs/server-cert.pem",
"--ssl-key=/etc/certs/server-key.pem",
"--default_authentication_plugin=mysql_native_password",
"--general_log=ON" ]
ports:
- "3306:3306"
volumes:
- type: bind
source: ./certs
target: /etc/certs/
- type: bind
source: ./data
target: /var/lib/mysql
restart: always
environment:
MYSQL_ROOT_HOST: "%"

35
persistence-modules/spring-boot-mysql/mysql-server/generatecerts.sh
View File

@ -1,35 +0,0 @@
mkdir certs
cd ./certs
# Generate new CA certificate ca.pem file.
openssl genrsa 2048 > root-ca-key.pem
openssl req -new -x509 -nodes -days 3600 \
-subj "/C=SE/ST=STOCKHOLM/L=Test/CN=fake-CA" \
-key root-ca-key.pem -out root-ca.pem
# Create the server-side certificates
openssl req -newkey rsa:2048 -days 3600 -nodes \
-subj "/C=SE/ST=STOCKHOLM/L=Test/CN=localhost" \
-keyout server-key.pem -out server-req.pem
openssl rsa -in server-key.pem -out server-key.pem
openssl x509 -req -in server-req.pem -days 3600 \
-CA root-ca.pem -CAkey root-ca-key.pem -set_serial 01 -out server-cert.pem
# Create the client-side certificates
openssl req -newkey rsa:2048 -days 3600 -nodes \
-subj "/C=SE/ST=STOCKHOLM/L=Test/CN=localhost" \
-keyout client-key.pem -out client-req.pem
openssl rsa -in client-key.pem -out client-key.pem
openssl x509 -req -in client-req.pem -days 3600 \
-CA root-ca.pem -CAkey root-ca-key.pem -set_serial 01 -out client-cert.pem
# Verify the certificates are correct
openssl verify -CAfile root-ca.pem server-cert.pem client-cert.pem
# Convert pem to jks file
keytool -importcert -alias MySQLCACert.jks -file root-ca.pem \
-keystore truststore.jks -storepass mypassword
openssl pkcs12 -export -in client-cert.pem -inkey client-key.pem -out certificate.p12 -name "certificate"
keytool -importkeystore -srckeystore certificate.p12 -srcstoretype pkcs12 -destkeystore client-cert.jks

17
persistence-modules/spring-boot-mysql/pom.xml
View File

@ -42,4 +42,21 @@
<mysql-connector-java.version>8.0.23</mysql-connector-java.version>
</properties>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<version>2.1.5.RELEASE</version>
<executions>
<execution>
<goals>
<goal>repackage</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>

13
persistence-modules/spring-boot-mysql/start_app.sh Normal file
View File

@ -0,0 +1,13 @@
export TRUSTSTORE=./mysql-server/certs/truststore.jks
export TRUSTSTORE_PASSWORD=mypassword
export KEYSTORE=./mysql-server/certs/client-cert.jks
export KEYSTORE_PASSWORD=mypassword
export SPRING_DATASOURCE_URL=jdbc:mysql://localhost:3306/test_db?sslMode=VERIFY_CA
export SPRING_DATASOURCE_USERNAME=test_user
export SPRING_DATASOURCE_PASSWORD=Password2022
java -Djavax.net.ssl.keyStore=$KEYSTORE \
-Djavax.net.ssl.keyStorePassword=$KEYSTORE_PASSWORD \
-Djavax.net.ssl.trustStore=$TRUSTSTORE \
-Djavax.net.ssl.trustStorePassword=$TRUSTSTORE_PASSWORD \
-jar ./target/spring-boot-mysql-0.1.0.jar