OP-23081: Removed cert usage for secure redis connection. (#505)

gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateConfig.groovy

@@ -121,8 +121,7 @@ class GateConfig extends RedisHttpSessionConfiguration {
    */
   @Bean
   JedisPool jedis(@Value('${redis.connection:redis://localhost:6379}') String connection,
-                  @Value('${redis.timeout:2000}') int timeout,
-                  @Value('${redis.certificate_location:#{null}}') String certFilePath) {
+                  @Value('${redis.timeout:2000}') int timeout) {
     return new JedisPool(new URI(connection), timeout)
   }
 

gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateWebConfig.groovy

@@ -48,7 +48,6 @@ import org.springframework.web.bind.annotation.ExceptionHandler
 import org.springframework.web.bind.annotation.ResponseBody
 import org.springframework.web.servlet.config.annotation.ContentNegotiationConfigurer
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry
-import org.springframework.web.servlet.config.annotation.PathMatchConfigurer
 import org.springframework.web.servlet.config.annotation.ViewControllerRegistry
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
 import org.springframework.web.servlet.handler.HandlerMappingIntrospector

gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/PostConnectionConfiguringJedisConnectionFactory.java

@@ -1,16 +1,11 @@
 package com.netflix.spinnaker.gate.config;
 
 import com.google.common.base.Splitter;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
 import java.lang.annotation.ElementType;
 import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;
 import java.net.URI;
-import java.security.KeyStore;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
 import java.util.List;
 import java.util.Optional;
 import lombok.extern.slf4j.Slf4j;
@@ -47,13 +42,10 @@ public class PostConnectionConfiguringJedisConnectionFactory extends JedisConnec
 
   private volatile boolean ranConfigureRedisAction;
 
-  private String password = "keyStorePass";
-
   @Autowired
   public PostConnectionConfiguringJedisConnectionFactory(
       @Value("${redis.connection:redis://localhost:6379}") String connectionUri,
       @Value("${redis.timeout:2000}") int timeout,
-      @Value(value = "${redis.certificate_location:#{null}}") String certFilePath,
       @ConnectionPostProcessor Optional<ConfigureRedisAction> configureRedisAction)
       throws Exception {
 
@@ -74,44 +66,6 @@ public PostConnectionConfiguringJedisConnectionFactory(
 
     if (redisUri.getScheme().equals("rediss")) {
       setUseSsl(true);
-      String jksFilePath = "/opsmx/conf/redis-truststore.jks";
-      String alias = "redis-truststore"; // An alias to identify the certificate in the keystore
-      char[] password = this.password.toCharArray(); // Keystore password
-
-      FileInputStream certInputStream = null;
-      FileOutputStream jksOutputStream = null;
-
-      /**
-       * If SSL is used then below steps add the certificate necessary for connection to redis as a
-       * java keystore and then add java keystore file's path as a system property for use in
-       * connection.
-       */
-      try {
-        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
-        certInputStream = new FileInputStream(certFilePath);
-        Certificate certificate = certificateFactory.generateCertificate(certInputStream);
-
-        KeyStore keyStore = KeyStore.getInstance("JKS");
-        keyStore.load(null, password);
-        keyStore.setCertificateEntry(alias, certificate);
-        jksOutputStream = new FileOutputStream(jksFilePath);
-        keyStore.store(jksOutputStream, password);
-
-        log.info("Certificate has been added to the KeyStore successfully.");
-      } catch (Exception e) {
-        log.error("Error in creating jks file: ", e);
-        throw e;
-      } finally {
-        if (certInputStream != null) {
-          certInputStream.close();
-        }
-        if (jksOutputStream != null) {
-          jksOutputStream.close();
-        }
-      }
-
-      System.setProperty("javax.net.ssl.trustStore", jksFilePath);
-      System.setProperty("javax.net.ssl.trustStorePassword", this.password);
     }
   }