
Mongo SQL TLS support [HZ-2498] #25301

Status: Merged (23 commits, Sep 18, 2023)

Conversation

@TomaszGaweda (Contributor) commented Aug 25, 2023

User will be able to provide 8 new parameters in Data Connections:

  • enableSsl - default false
  • invalidHostNameAllowed - default false
  • keyStore - location of the key store, file must be present on all members
  • keyStoreType - type of the key store, defaults to system default keyStore type
  • keyStorePassword - password of the key store
  • trustStore - location of the trust store, file must be present on all members
  • trustStoreType - type of the trust store, defaults to system default keyStore type
  • trustStorePassword - password of the trust store

Generated certs come from create_keymaterial_openssl script.

Fixes https://hazelcast.atlassian.net/browse/HZ-2498

Checklist:

  • Labels (Team:, Type:, Source:, Module:) and Milestone set
  • Label Add to Release Notes or Not Release Notes content set
  • Request reviewers if possible
  • Send backports/forwardports if fix needs to be applied to past/future releases
  • New public APIs have @Nonnull/@Nullable annotations
  • New public APIs have @since tags in Javadoc

@TomaszGaweda TomaszGaweda marked this pull request as ready for review August 25, 2023 12:00
@kwart (Member) left a comment

There is missing support for configuring keystore and truststore for the connection. Using system properties is not a valid option for a production-ready component.

Here is a simple way to create an SSLContext from some basic parameters:

    import java.io.FileInputStream;
    import java.io.IOException;
    import java.io.InputStream;
    import java.security.GeneralSecurityException;
    import java.security.KeyStore;
    import javax.net.ssl.KeyManagerFactory;
    import javax.net.ssl.SSLContext;
    import javax.net.ssl.TrustManagerFactory;

    // Builds an SSLContext from an optional keystore (client identity, needed for mutual TLS)
    // and an optional truststore (CAs trusted to sign the server certificate).
    // A null file means "use the JDK default" for that side.
    private static SSLContext createSSLContext(String ksFile, String ksType, char[] ksPass, String tsFile, String tsType,
            char[] tsPass) throws IOException, GeneralSecurityException {
        KeyStore ks = loadKeystore(ksFile, ksType, ksPass);
        KeyManagerFactory kmf = null;
        if (ks != null) {
            kmf = KeyManagerFactory.getInstance("PKIX");
            kmf.init(ks, ksPass);
        }
        KeyStore ts = loadKeystore(tsFile, tsType, tsPass);
        TrustManagerFactory tmf = null;
        if (ts != null) {
            tmf = TrustManagerFactory.getInstance("PKIX");
            tmf.init(ts);
        }
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(kmf == null ? null : kmf.getKeyManagers(), tmf == null ? null : tmf.getTrustManagers(), null);
        return sslContext;
    }

    // Loads a keystore file of the given type (JDK default type when ksType is null); returns null when no file is set.
    private static KeyStore loadKeystore(String ksFile, String ksType, char[] ksPass) throws IOException, GeneralSecurityException {
        if (ksFile == null) {
            return null;
        }
        KeyStore ks = KeyStore.getInstance(ksType == null ? KeyStore.getDefaultType() : ksType);
        try (InputStream stream = new FileInputStream(ksFile)) {
            ks.load(stream, ksPass);
        }
        return ks;
    }

If MongoDB supports mutual TLS then we should test it too.
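An added example, not code from this PR or from Hazelcast, that wires the eight data-connection properties from the description into the MongoDB Java driver's SslSettings using the keystore/truststore approach from the review comment above. The `connectionString` property name and the `MongoTlsSettings` class are assumptions; `invalidHostNameAllowed=true` turns off hostname verification, so the default of `false` is the safe one.

```java
import com.mongodb.ConnectionString;
import com.mongodb.MongoClientSettings;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Map;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

public final class MongoTlsSettings {
    // Maps the eight data-connection properties from the PR description onto the
    // MongoDB Java driver's SslSettings. The "connectionString" key is an assumption.
    public static MongoClientSettings fromProperties(Map<String, String> p) throws Exception {
        MongoClientSettings.Builder b = MongoClientSettings.builder()
                .applyConnectionString(new ConnectionString(p.get("connectionString")));
        if (!Boolean.parseBoolean(p.getOrDefault("enableSsl", "false"))) {
            return b.build();                                  // enableSsl defaults to false
        }
        // invalidHostNameAllowed=true disables hostname verification; the default (false) keeps it on
        boolean skipHostCheck = Boolean.parseBoolean(p.getOrDefault("invalidHostNameAllowed", "false"));
        SSLContext ctx = sslContext(p);
        b.applyToSslSettings(ssl -> ssl.enabled(true).invalidHostNameAllowed(skipHostCheck).context(ctx));
        return b.build();
    }

    // Same PKIX factory pattern as the review comment above, driven by the property map.
    private static SSLContext sslContext(Map<String, String> p) throws Exception {
        char[] ksPass = pass(p.get("keyStorePassword"));
        KeyStore ks = load(p.get("keyStore"), p.get("keyStoreType"), ksPass);
        KeyManagerFactory kmf = null;                          // client cert, only for mutual TLS
        if (ks != null) { kmf = KeyManagerFactory.getInstance("PKIX"); kmf.init(ks, ksPass); }
        KeyStore ts = load(p.get("trustStore"), p.get("trustStoreType"), pass(p.get("trustStorePassword")));
        TrustManagerFactory tmf = null;                        // CA(s) that issued the server cert
        if (ts != null) { tmf = TrustManagerFactory.getInstance("PKIX"); tmf.init(ts); }
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf == null ? null : kmf.getKeyManagers(), tmf == null ? null : tmf.getTrustManagers(), null);
        return ctx;
    }

    private static char[] pass(String s) { return s == null ? null : s.toCharArray(); }

    // Store is optional; when set, the file must exist on every member (as the description notes).
    private static KeyStore load(String file, String type, char[] pass) throws Exception {
        if (file == null) { return null; }
        KeyStore ks = KeyStore.getInstance(type == null ? KeyStore.getDefaultType() : type);
        try (InputStream in = new FileInputStream(file)) { ks.load(in, pass); }
        return ks;
    }
}
```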

@TomaszGaweda (Contributor, Author):

@kwart Please check now :)

@hz-devops-test:

The job Hazelcast-pr-EE-compiler of your PR failed. (Hazelcast internal details: build log, artifacts).
Through arcane magic we have determined that the following fragments from the build log may contain information about the problem.

---------ERRORS-----------
--------------------------
[ERROR] Failed to execute goal pl.project13.maven:git-commit-id-plugin:4.9.10:revision (default) on project hazelcast: Could not complete Mojo execution... Missing tree 2a16e70f898cd00b6ae18a9967010c239ffe6d55 -> [Help 1]
--------------------------
[ERROR] 
--------------------------
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
--------------------------
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
--------------------------
[ERROR] 
--------------------------
[ERROR] For more information about the errors and possible solutions, please read the following articles:
--------------------------
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
--------------------------
[ERROR] 
--------------------------
[ERROR] After correcting the problems, you can resume the build with the command
--------------------------
[ERROR]   mvn  -rf :hazelcast
--------------------------

    Files.copy(resourceKS, tempFileKS.toPath(), StandardCopyOption.REPLACE_EXISTING);

    System.setProperty("https.protocols", "TLSv1,TLSv1.1,TLSv1.2,TLSv1.3");
    System.setProperty("javax.net.debug", "ssl:handshake");

@kwart (Member) commented on the lines above:

The system properties reconfiguration shouldn't be needed.

@TomaszGaweda (Contributor, Author):

Right, removed.

@TomaszGaweda (Contributor, Author):

@kwart Removed csr/crt files and other leftovers and extracted base class :)

@kwart (Member) left a comment

LGTM, thanks for the feature!

@hz-devops-test:

The job Hazelcast-pr-compiler of your PR failed. (Hazelcast internal details: build log, artifacts).
Through arcane magic we have determined that the following fragments from the build log may contain information about the problem.

---------ERRORS-----------
--------------------------
[ERROR] Failed to execute goal org.codehaus.mojo:license-maven-plugin:2.2.0:add-third-party (add-third-party) on project hazelcast-jet-s3: There are some forbidden licenses used, please check your dependencies. -> [Help 1]
--------------------------
[ERROR] 
--------------------------
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
--------------------------
[ERROR] 
--------------------------
[ERROR] For more information about the errors and possible solutions, please read the following articles:
--------------------------
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException
--------------------------
[ERROR] 
--------------------------
[ERROR] After correcting the problems, you can resume the build with the command
--------------------------
[ERROR]   mvn  -rf :hazelcast-jet-s3
--------------------------

@TomaszGaweda TomaszGaweda changed the title Mongo TLS support [HZ-2498] Mongo SQL TLS support [HZ-2498] Sep 5, 2023
@TomaszGaweda (Contributor, Author):

@frant-hartm ready for re-review

@TomaszGaweda TomaszGaweda merged commit 691f4c1 into hazelcast:master Sep 18, 2023
8 checks passed