Added support for CA certs and changed default location of certs to /cert/cert.*

cmd/export-distro/res/configuration.toml

@@ -40,8 +40,8 @@ File = './logs/edgex-export-distro.log'
 
 [Certificates]
   [Certificates.MQTTS]
-  Cert = 'dummy.crt'
-  Key = 'dummy.key'
+  Cert = '/certs/export.crt'
+  Key = '/certs/export.key'
 
   [Certificates.AWS]
   Cert = 'dummy.crt'

internal/export/distro/mqtt.go

@@ -15,6 +15,8 @@ import (
 	"fmt"
 	"strconv"
 	"strings"
+	"io/ioutil"
+	"crypto/x509"
 
 	MQTT "github.com/eclipse/paho.mqtt.golang"
 	contract "github.com/edgexfoundry/go-mod-core-contracts/models"
@@ -41,12 +43,22 @@ func newMqttSender(addr contract.Addressable, cert string, key string) sender {
 		cert, err := tls.LoadX509KeyPair(cert, key)
 
 		if err != nil {
-			LoggingClient.Error("Failed loading x509 data")
+			LoggingClient.Error(fmt.Sprintf("Failed loading x509 data: %v", err))
 			return nil
 		}
 
-		tlsConfig := &tls.Config{
-			ClientCAs:          nil,
+		// Add support for custom CA
+		certpool := x509.NewCertPool()
+		pem, err := ioutil.ReadFile("/certs/ca.pem")
+		if err != nil {
+			LoggingClient.Error(fmt.Sprintf("Failed to read client certificate authority: %v", err))
+		}
+		if !certpool.AppendCertsFromPEM(pem) {
+			LoggingClient.Error("Can't parse client certificate authority")
+		}
+
+		tlsConfig := &tls.Config {
+			ClientCAs:          certpool,
 			InsecureSkipVerify: true,
 			Certificates:       []tls.Certificate{cert},
 		}

make-konnekt-docker.sh

+#!/bin/sh
+docker build \
+	-f cmd/export-distro/Dockerfile \
+	--label "git_sha=1c2449f73fa961aa7634dfaed45422a7c979d68e" \
+	-t edgexfoundry/docker-export-distro-go:1c2449f73fa961aa7634dfaed45422a7c979d68e \
+	-t edgexfoundry/docker-export-distro-go:1.0.0-dev \
+	-t registry.bda.ikerlan.es/konnektbox/docker-export-distro-go:1.0.0 \
+	.
+