Improve PEM certificates processing. Fix lwm2m transport test properties.

5 years ago · a47bb55dd2
2 changed files with 23 additions and 10 deletions
--- a/application/src/test/resources/application-test.properties
+++ b/application/src/test/resources/application-test.properties
@ -1,10 +1,21 @@
-transport.lwm2m.security.key_store=lwm2m/credentials/serverKeyStore.jks
-transport.lwm2m.security.key_store_password=server
+transport.lwm2m.server.security.credentials.enabled=true
+transport.lwm2m.server.security.credentials.type=KEYSTORE
+transport.lwm2m.server.security.credentials.keystore.store_file=lwm2m/credentials/serverKeyStore.jks
+transport.lwm2m.server.security.credentials.keystore.store_password=server
+transport.lwm2m.server.security.credentials.keystore.key_alias=server
+transport.lwm2m.server.security.credentials.keystore.key_password=server
+transport.lwm2m.bootstrap.security.credentials.enabled=true
+transport.lwm2m.bootstrap.security.credentials.type=KEYSTORE
+transport.lwm2m.bootstrap.security.credentials.keystore.store_file=lwm2m/credentials/serverKeyStore.jks
+transport.lwm2m.bootstrap.security.credentials.keystore.store_password=server
+transport.lwm2m.bootstrap.security.credentials.keystore.key_alias=server
+transport.lwm2m.bootstrap.security.credentials.keystore.key_password=server
+transport.lwm2m.security.trust-credentials.enabled=true
+transport.lwm2m.security.trust-credentials.type=KEYSTORE
+transport.lwm2m.security.trust-credentials.keystore.store_file=lwm2m/credentials/serverKeyStore.jks
+transport.lwm2m.security.trust-credentials.keystore.store_password=server
+
 edges.enabled=true
 edges.storage.no_read_records_sleep=500
 edges.storage.sleep_between_batches=500
-transport.lwm2m.server.security.key_alias=server
-transport.lwm2m.server.security.key_password=server
-transport.lwm2m.bootstrap.security.key_alias=server
-transport.lwm2m.bootstrap.security.key_password=server
-actors.rpc.sequential=true
+actors.rpc.sequential=true
--- a/common/transport/transport-api/src/main/java/org/thingsboard/server/common/transport/config/ssl/PemSslCredentials.java
+++ b/common/transport/transport-api/src/main/java/org/thingsboard/server/common/transport/config/ssl/PemSslCredentials.java
@ -114,9 +114,11 @@ public class PemSslCredentials extends AbstractSslCredentials {
        }
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
-        List<Certificate> unique = certificates.stream().distinct().collect(Collectors.toList());
-        for (int i = 0; i < unique.size(); i++) {
-            keyStore.setCertificateEntry("root-" + i, unique.get(i));
+        if (trustsOnly) {
+            List<Certificate> unique = certificates.stream().distinct().collect(Collectors.toList());
+            for (int i = 0; i < unique.size(); i++) {
+                keyStore.setCertificateEntry("root-" + i, unique.get(i));
+            }
        }
        if (privateKey != null) {
            CertificateFactory factory = CertificateFactory.getInstance("X.509");