diff --git a/cygnus-common/src/main/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImpl.java b/cygnus-common/src/main/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImpl.java
index 7f45db7c1..673e5efa9 100644
--- a/cygnus-common/src/main/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImpl.java
+++ b/cygnus-common/src/main/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImpl.java
@@ -40,7 +40,6 @@
import java.util.List;
import java.util.TimeZone;
import java.util.concurrent.TimeUnit;
-import javax.net.ssl.SSLContext;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
@@ -73,8 +72,7 @@ public enum Resolution { SECOND, MINUTE, HOUR, DAY, MONTH }
private final Boolean sslInvalidHostNameAllowed;
private final String sslKeystorePathFile;
private final String sslKeystorePassword;
- private final String sslTruststorePathFile;
- private final String sslTruststorePassword;
+ private final String sslCAPathFile;
private final DataModel dataModel;
private static final CygnusLogger LOGGER = new CygnusLogger(MongoBackendImpl.class);
@@ -91,7 +89,7 @@ public MongoBackendImpl(String mongoHosts, String mongoUsername, String mongoPas
String mongoAuthSource, String mongoReplicaSet, DataModel dataModel,
Boolean sslEnabled, Boolean sslInvalidHostNameAllowed,
String sslKeystorePathFile, String sslKeystorePassword,
- String sslTruststorePathFile, String sslTruststorePassword) {
+ String sslCAPathFile) {
client = null;
this.mongoHosts = mongoHosts;
this.mongoUsername = mongoUsername;
@@ -102,8 +100,7 @@ public MongoBackendImpl(String mongoHosts, String mongoUsername, String mongoPas
this.sslInvalidHostNameAllowed = sslInvalidHostNameAllowed;
this.sslKeystorePathFile = sslKeystorePathFile;
this.sslKeystorePassword = sslKeystorePassword;
- this.sslTruststorePathFile = sslTruststorePathFile;
- this.sslTruststorePassword = sslTruststorePassword;
+ this.sslCAPathFile = sslCAPathFile;
this.dataModel = dataModel;
} // MongoBackendImpl
@@ -613,26 +610,23 @@ private MongoDatabase getDatabase(String dbName) {
if (sslEnabled) {
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
- KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
if ((sslKeystorePathFile != null) && !sslKeystorePathFile.isEmpty()) {
- try (InputStream keyStoreStream = new FileInputStream(sslKeystorePathFile)) {
+ InputStream keyStoreStream = new FileInputStream(sslKeystorePathFile);
keyStore.load(keyStoreStream, sslKeystorePassword.toCharArray());
- }
} else {
keyStore.load(null);
}
- if ((sslTruststorePathFile != null) && !sslTruststorePathFile.isEmpty()) {
- try (InputStream trustStoreStream = new FileInputStream(sslTruststorePathFile)) {
- trustStore.load(trustStoreStream, sslTruststorePassword.toCharArray());
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- X509Certificate caCert = (X509Certificate) cf.generateCertificate(trustStoreStream);
- keyStore.setCertificateEntry("caCert", caCert);
- }
+ if ((sslCAPathFile != null) && !sslCAPathFile.isEmpty()) {
+ InputStream caStream = new FileInputStream(sslCAPathFile);
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ X509Certificate caCert = (X509Certificate) cf.generateCertificate(caStream);
+ LOGGER.debug("CA subjectDN: " + caCert.getSubjectDN());
+ keyStore.setCertificateEntry("caCert", caCert);
}
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
sslContext = SSLContext.getInstance("TLS");
- sslContext.init(null, trustManagerFactory.getTrustManagers(), new java.security.SecureRandom());
+ sslContext.init(null, trustManagerFactory.getTrustManagers(), null);
} catch (Exception e) {
LOGGER.warn("Error when init SSL Context: " + e.getMessage());
}
diff --git a/cygnus-common/src/test/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImplTest.java b/cygnus-common/src/test/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImplTest.java
index f4bb076f9..adefd8261 100644
--- a/cygnus-common/src/test/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImplTest.java
+++ b/cygnus-common/src/test/java/com/telefonica/iot/cygnus/backends/mongo/MongoBackendImplTest.java
@@ -53,7 +53,7 @@ public MongoBackendImplTest() {
public void testGetRange() {
System.out.println(getTestTraceHead("[MongoBackendImpl.getRange]")
+ "-------- Given a resolution, its related range is correctly returned");
- MongoBackendImpl backend = new MongoBackendImpl(null, null, null, null, null, null, false, false, null, null, null, null);
+ MongoBackendImpl backend = new MongoBackendImpl(null, null, null, null, null, null, false, false, null, null, null);
try {
@@ -115,7 +115,7 @@ public void testGetRange() {
public void testGetOrigin() {
System.out.println(getTestTraceHead("[MongoBackendImpl.getOrigin]")
+ "-------- Given a calendar and a resolution, its related origin is correctly returned");
- MongoBackendImpl backend = new MongoBackendImpl(null, null, null, null, null, null, false, false, null, null, null, null);
+ MongoBackendImpl backend = new MongoBackendImpl(null, null, null, null, null, null, false, false, null, null, null);
GregorianCalendar calendar = new GregorianCalendar(2017, 4, 5, 11, 46, 13);
try {
@@ -198,7 +198,7 @@ public void testGetOrigin() {
public void testGetOffset() {
System.out.println(getTestTraceHead("[MongoBackendImpl.getOffset]")
+ "-------- Given a calendar and a resolution, its related offset is correctly returned");
- MongoBackendImpl backend = new MongoBackendImpl(null, null, null, null, null, null, false, false, null, null, null, null);
+ MongoBackendImpl backend = new MongoBackendImpl(null, null, null, null, null, null, false, false, null, null, null);
GregorianCalendar calendar = new GregorianCalendar(2017, 3, 5, 11, 46, 13); // month 3 is April
try {
@@ -266,7 +266,7 @@ public void testBuildQueryForInsertAggregated() {
String entityType = "someType";
String attrName = "someName";
GregorianCalendar calendar = new GregorianCalendar(2017, 3, 5, 11, 46, 13); // month 3 is April
- MongoBackendImpl backend = new MongoBackendImpl(null, null, null, null, null, DataModel.DMBYSERVICEPATH, false, false, null, null, null, null);
+ MongoBackendImpl backend = new MongoBackendImpl(null, null, null, null, null, DataModel.DMBYSERVICEPATH, false, false, null, null, null);
String queryForInsertAggregated = "{\"_id\": {\"entityId\": \"someId\", \"entityType\": \"someType\", "
+ "\"attrName\": \"someName\", \"origin\": {\"$date\": 1491392760000}, "
+ "\"resolution\": \"second\", \"range\": \"minute\"}, \"points.offset\": 13}";
@@ -353,7 +353,7 @@ public void testBuildQueryForInsertAggregated() {
throw e;
} // try catch
- backend = new MongoBackendImpl(null, null, null, null, null, DataModel.DMBYENTITY, false, false, null, null, null, null);
+ backend = new MongoBackendImpl(null, null, null, null, null, DataModel.DMBYENTITY, false, false, null, null, null);
queryForInsertAggregated = "{\"_id\": {\"attrName\": \"someName\", "
+ "\"origin\": {\"$date\": 1491392760000}, \"resolution\": \"second\", "
@@ -457,7 +457,7 @@ public void testBuildUpdateForUpdateNumerical() {
double sum2 = 200;
int numSamples = 2;
GregorianCalendar calendar = new GregorianCalendar(2017, 3, 5, 11, 46, 13); // month 3 is April
- MongoBackendImpl backend = new MongoBackendImpl(null, null, null, null, null, null, false, false, null, null, null, null);
+ MongoBackendImpl backend = new MongoBackendImpl(null, null, null, null, null, null, false, false, null, null, null);
String updateForUpdate = "{\"$set\": {\"attrType\": \"someType\"}, "
+ "\"$inc\": {\"points.$.samples\": 2, \"points.$.sum\": 20.0, \"points.$.sum2\": 200.0}, "
+ "\"$min\": {\"points.$.min\": 0.0}, \"$max\": {\"points.$.max\": 10.0}}";
@@ -489,7 +489,7 @@ public void testBuildUpdateForUpdateString() {
String value = "someString";
int count = 2;
GregorianCalendar calendar = new GregorianCalendar(2017, 3, 5, 11, 46, 13); // month 3 is April
- MongoBackendImpl backend = new MongoBackendImpl(null, null, null, null, null, null, false, false, null, null, null, null);
+ MongoBackendImpl backend = new MongoBackendImpl(null, null, null, null, null, null, false, false, null, null, null);
String updateForUpdate = "{\"$set\": {\"attrType\": \"someType\"}, "
+ "\"$inc\": {\"points.13.samples\": 2, \"points.13.occur.someString\": 2}}";
diff --git a/cygnus-ngsi/src/main/java/com/telefonica/iot/cygnus/sinks/NGSIMongoBaseSink.java b/cygnus-ngsi/src/main/java/com/telefonica/iot/cygnus/sinks/NGSIMongoBaseSink.java
index bf355d64f..8989a62ba 100644
--- a/cygnus-ngsi/src/main/java/com/telefonica/iot/cygnus/sinks/NGSIMongoBaseSink.java
+++ b/cygnus-ngsi/src/main/java/com/telefonica/iot/cygnus/sinks/NGSIMongoBaseSink.java
@@ -43,8 +43,7 @@ public abstract class NGSIMongoBaseSink extends NGSISink {
protected Boolean sslInvalidHostNameAllowed;
protected String sslKeystorePathFile;
protected String sslKeystorePassword;
- protected String sslTruststorePathFile;
- protected String sslTruststorePassword;
+ protected String sslCAPathFile;
protected String dbPrefix;
protected String collectionPrefix;
protected MongoBackendImpl backend;
@@ -204,11 +203,9 @@ public void configure(Context context) {
sslKeystorePassword = context.getString("mongo_ssl_keystore_password", "");
LOGGER.debug("[" + this.getName() + "] Reading configuration (mongo_ssl_keystore_password=" + sslKeystorePassword + ")");
- sslTruststorePathFile = context.getString("mongo_ssl_truststore_path_file", "");
- LOGGER.debug("[" + this.getName() + "] Reading configuration (mongo_ssl_truststore_path_file=" + sslTruststorePathFile + ")");
+ sslCAPathFile = context.getString("mongo_ssl_ca_path_file", "");
+ LOGGER.debug("[" + this.getName() + "] Reading configuration (mongo_ssl_ca_path_file=" + sslCAPathFile + ")");
- sslTruststorePassword = context.getString("mongo_ssl_truststore_password", "");
- LOGGER.debug("[" + this.getName() + "] Reading configuration (mongo_ssl_truststore_password=" + sslTruststorePassword + ")");
} // configure
@@ -219,7 +216,7 @@ public void start() {
mongoAuthSource, mongoReplicaSet, dataModel,
sslEnabled, sslInvalidHostNameAllowed,
sslKeystorePathFile, sslKeystorePassword,
- sslTruststorePathFile, sslTruststorePassword);
+ sslCAPathFile);
LOGGER.debug("[" + this.getName() + "] MongoDB persistence backend created");
} catch (Exception e) {
LOGGER.error("Error while creating the MongoDB persistence backend. Details="
diff --git a/doc/cygnus-ngsi/flume_extensions_catalogue/ngsi_mongo_sink.md b/doc/cygnus-ngsi/flume_extensions_catalogue/ngsi_mongo_sink.md
index 575ceb4d3..7d3e1fd77 100644
--- a/doc/cygnus-ngsi/flume_extensions_catalogue/ngsi_mongo_sink.md
+++ b/doc/cygnus-ngsi/flume_extensions_catalogue/ngsi_mongo_sink.md
@@ -324,8 +324,7 @@ When datamodel changes Cygnus tries to recreate index (delete current and create
| mongo\_ssl\_invalid\_host\_allowed | no | false | Allow invalid host name in mongo SSL connections |
| mongo\_ssl\_keystore\_path\_file | no | empty | Java SSL KeyStore path file (JKS file). A JKS file could be create from a certificate file using keytool: ```keytool -importkeystore -srckeystore certificate.p12 -srcstoretype pkcs12 -destkeystore mongo_ssl_keystore.jks``` |
| mongo\_ssl\_keystore\_password | no | empty | Java SSL KeyStore password for keystore file (JKS file). |
-| mongo\_ssl\_truststore\_path\_file | no | empty | Java SSL TrustStore for CAs path file (JKS file). |
-| mongo\_ssl\_truststore\_password | no | empty | Java SSL TrustStore password for keystore file (JKS file). |
+| mongo\_ssl\_ca\_path\_file | no | empty | Certificate Authority (CA) path file (PEM file). |
| collection\_prefix | no | sth_ | `system.` is not accepted. |
| batch\_size | no | 1 | Number of events accumulated before persistence. |
| batch\_timeout | no | 30 | Number of seconds the batch will be building before it is persisted as it is. |