Generate proxy certificate and inject in trust store

2 files changed, 7 insertions, 10 deletions

diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/DataplaneProxyConfigurator.java b/container-disc/src/main/java/com/yahoo/container/jdisc/DataplaneProxyConfigurator.java
index 4c637b5798d..340c0035052 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/DataplaneProxyConfigurator.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/DataplaneProxyConfigurator.java
@@ -3,7 +3,7 @@ package com.yahoo.container.jdisc;
 
 import com.yahoo.cloud.config.DataplaneProxyConfig;
 import com.yahoo.component.AbstractComponent;
-import com.yahoo.jdisc.http.ConnectorConfig;
+import com.yahoo.jdisc.http.server.jetty.DataplaneProxyCredentials;
 
 /**
  * Reconfigurable component for supporting data plane proxy. Configures the {@code DataplaneProxyService} by calling {@code DataplaneProxyService#init}
@@ -12,8 +12,8 @@ import com.yahoo.jdisc.http.ConnectorConfig;
  */
 public class DataplaneProxyConfigurator extends AbstractComponent {
 
-    public DataplaneProxyConfigurator(DataplaneProxyConfig config, DataplaneProxyService dataplaneProxyService) {
-        dataplaneProxyService.reconfigure(config);
+    public DataplaneProxyConfigurator(DataplaneProxyConfig config, DataplaneProxyService dataplaneProxyService, DataplaneProxyCredentials credentialsProvider) {
+        dataplaneProxyService.reconfigure(config, credentialsProvider);
     }
 
     @Override
diff --git a/container-disc/src/main/java/com/yahoo/container/jdisc/DataplaneProxyService.java b/container-disc/src/main/java/com/yahoo/container/jdisc/DataplaneProxyService.java
index 5b0cdfaf630..230d017c584 100644
--- a/container-disc/src/main/java/com/yahoo/container/jdisc/DataplaneProxyService.java
+++ b/container-disc/src/main/java/com/yahoo/container/jdisc/DataplaneProxyService.java
@@ -3,6 +3,7 @@ package com.yahoo.container.jdisc;
 
 import com.yahoo.cloud.config.DataplaneProxyConfig;
 import com.yahoo.component.AbstractComponent;
+import com.yahoo.jdisc.http.server.jetty.DataplaneProxyCredentials;
 
 import javax.inject.Inject;
 import java.io.IOException;
@@ -36,22 +37,18 @@ public class DataplaneProxyService extends AbstractComponent {
         this.started = false;
     }
 
-    public void reconfigure(DataplaneProxyConfig config) {
+    public void reconfigure(DataplaneProxyConfig config, DataplaneProxyCredentials credentialsProvider) {
         try {
             String serverCert = config.serverCertificate();
             String serverKey = config.serverKey();
-            String clientCert = config.clientCertificate();
-            String clientKey = config.clientKey();
 
             boolean configChanged = false;
-            configChanged |= writeFile(clientCertificateFile, clientCert);
-            configChanged |= writeFile(clientKeyFile, clientKey);
             configChanged |= writeFile(serverCertificateFile, serverCert);
             configChanged |= writeFile(serverKeyFile, serverKey);
             configChanged |= writeFile(nginxConf,
                       nginxConfig(
-                              clientCertificateFile,
-                              clientKeyFile,
+                              credentialsProvider.certificateFile(),
+                              credentialsProvider.keyFile(),
                               serverCertificateFile,
                               serverKeyFile,
                               URI.create(config.mTlsEndpoint()),