academy/mq-container
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Tidy-up FIPS changes for consistency

Browse Source
This commit is contained in:
Stephen Marshall
2023-01-19 16:41:30 +00:00
committed by Stephen Marshall
parent 9518a6d3ed
commit d3a197e0f2
3 changed files with 13 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
cmd/runmqserver/post_init.go
View File

@@ -26,6 +26,15 @@ import (
func postInit(name, keyLabel string, p12Truststore tls.KeyStoreData) error {
enableWebServer := os.Getenv("MQ_ENABLE_EMBEDDED_WEB_SERVER")
if enableWebServer == "true" || enableWebServer == "1" {
// Enable FIPS for MQ Web Server if asked for.
if fips.IsFIPSEnabled() {
err := configureFIPSWebServer(p12Truststore)
if err != nil {
return err
}
}
// Configure the web server (if enabled)
webKeystore, err := configureWebServer(keyLabel, p12Truststore)
if err != nil {
@@ -37,14 +46,6 @@ func postInit(name, keyLabel string, p12Truststore tls.KeyStoreData) error {
webTruststoreRef = "MQWebKeyStore"
}
// Enable FIPS for MQ Web Server if asked for.
if len(keyLabel) > 0 && fips.IsFIPSEnabled() {
err = configureFIPSWebServer(p12Truststore)
if err != nil {
return err
}
}
// Start the web server, in the background (if installed)
// WARNING: No error handling or health checking available for the web server
go func() {

6
cmd/runmqserver/webserver.go
View File

@@ -202,10 +202,10 @@ func configureWebServer(keyLabel string, p12Truststore tls.KeyStoreData) (string
func configureFIPSWebServer(p12TrustStore tls.KeyStoreData) error {
var errOut error
// Need to update jvm.options file of MQ Web Server. We don't update the jvm.options file
// in /var/mqm/web/installations/Installation1/servers/mqweb directory. Instead we update
// the one in /var/mqm/web/installations/Installation1/servers/mqweb/configDropins/defaults.
// in /etc/mqm/web/installations/Installation1/servers/mqweb directory. Instead we update
// the one in /etc/mqm/web/installations/Installation1/servers/mqweb/configDropins/defaults.
// During runtime MQ Web Server merges the data from two files.
mqwebJvmOptsDir := "/var/mqm/web/installations/Installation1/servers/mqweb/configDropins/defaults"
mqwebJvmOptsDir := "/etc/mqm/web/installations/Installation1/servers/mqweb/configDropins/defaults"
_, errOut = os.Stat(mqwebJvmOptsDir)
if errOut == nil {
// Update the jvm.options file using the data from template file. Tell the MQ Web Server