[VOL-3386] Add support for secure gRPC in openolt-agent The init script of the openolt service may start with '--enable-tls <TLS_OPTION>' argument for the gRPC server. Default is insecure with no '--enable-tls' argument. The TLS capability depends upon the certificates stored at the keystore/ directory: 1. root.crt (CA public key), 2. server.crt (public key), 3.server.key (private key). Four unit tests are added for the secure gRPC server which work with the keystore-test/ directory. The certificates stored at the keystore-test/ directory are self-signed certificates, valid until Apr 11 23:16:58 2031 GMT. Change-Id: I4d18a98a0193f501f922360c79f54b0fcedf14a5

commit: 1fd770703e891684d70caf032c8603b123e00373 [log] [tgz]
author: Orhan Kupusoglu <orhan.kupusoglu@netsia.com> Tue Mar 23 08:13:25 2021 -0700
committer: Orhan Kupusoglu <orhan.kupusoglu@netsia.com> Mon May 10 22:47:30 2021 +0300
tree: 6614a65669fe25abf38249e21458339f3441a45f
parent: 3e8bfd991cb36b494ba8b2b79cde17fc66b1492d [diff] [blame]
diff --git a/agent/device/asfvolt16/mkdebian/debian/asfvolt16.postinst b/agent/device/asfvolt16/mkdebian/debian/asfvolt16.postinst
index b7ae471..ff4b68a 100644
--- a/agent/device/asfvolt16/mkdebian/debian/asfvolt16.postinst
+++ b/agent/device/asfvolt16/mkdebian/debian/asfvolt16.postinst

@@ -37,3 +37,5 @@
 /opt/bcm68620/svk_init.sh
 [ "A`cat ~/.bashrc| grep LD_LIBRARY_PATH`" = "A" ] && echo "export LD_LIBRARY_PATH=/broadcom:\$LD_LIBRARY_PATH" >> ~/.bashrc; . ~/.bashrc
 ldconfig /broadcom
+# create directory for certificates
+mkdir -p /broadcom/keystore/
commit	1fd770703e891684d70caf032c8603b123e00373	[log] [tgz]
author	Orhan Kupusoglu <orhan.kupusoglu@netsia.com>	Tue Mar 23 08:13:25 2021 -0700
committer	Orhan Kupusoglu <orhan.kupusoglu@netsia.com>	Mon May 10 22:47:30 2021 +0300
tree	6614a65669fe25abf38249e21458339f3441a45f
parent	3e8bfd991cb36b494ba8b2b79cde17fc66b1492d [diff] [blame]