grouper-study - Re: managing java CA keystore in a container?
Subject: grouper-study
List archive
- From: John Gasper <>
- To: Liam Hoekenga <>, <>
- Subject: Re: managing java CA keystore in a container?
- Date: Wed, 11 Jul 2018 13:14:54 -0700
- Ironport-phdr: 9a23:j3T2XBMa/DjX+BEGJUAl6mtUPXoX/o7sNwtQ0KIMzox0IvzzrarrMEGX3/hxlliBBdydt6oazbKO+4nbGkU4qa6bt34DdJEeHzQksu4x2zIaPcieFEfgJ+TrZSFpVO5LVVti4m3peRMNQJW2aFLduGC94iAPERvjKwV1Ov71GonPhMiryuy+4ZLebxlJiTanfb9+MAi9oBnMuMURnYZsMLs6xAHTontPdeRWxGdoKkyWkh3h+Mq+/4Nt/jpJtf45+MFOTav1f6IjTbxFFzsmKHw65NfqtRbYUwSC4GYXX3gMnRpJBwjF6wz6Xov0vyDnuOdxxDWWMMvrRr0vRz+s87lkRwPpiCcfNj427mfXitBrjKlGpB6tvgFzz5LIbI2QMvd1Y6HTcs4ARWdZUMlfWTFPDIOiYYUMAeoOP+lXoJXmqlQUsRe+ABOhCP/1xzJKgHL9wK000/4mEQHDxAEuG9UOsHTSrN7oNakdS/u1zLHWwjXZcvhb3jX96IfSfRA6ufGDQ6hwfNHMyUkpFgPKklKQqYr/MzOTyOsNr3GW4ux9Xuysk24qswF8rze1ysoul4XFnJ8Zx1DF+Clj3oo5O9y1RFZ6bNOmCpdcqjyWO5dsTs88Xm1lujw2xqAItJKleiUB1Y4pyATFa/OddoiF+hLjW/iVITd/nH9kebO/hxOp/ki60OLwTNS00FBLriVZldnMsGoB1xrN5cibUvd9/0Gh1iiT1w3L6uxJLlo4mKjGJ5I737I9lpsevV7dEiPomUj6lKqWeV8l+uis5eTneLLmppqEOo92hQHxKL8umtShDuQiKQUOQm6b+eWg273k+031WrNKgeMqkqXBqpDVOdwbprKlAw9Syosj5Ay/DzC70NQAg3YHNktJeAmbj4j0Jl7PIOv1DfO+g1S3jDdr3O7KMqfgApXLMnjMjq3hfbBj5E5A1gY/185Q6I9JCuJJHPWmfk74sZT4CRI6Pgq7yq6zDNR005k2RGeOCa/fPa/P5xvAsu01JPSUaZVQoyrgJ+kN5vjygGU/lENHO6SlwM1ERmq/G6FEJEWfKVXlmc8MCy9evAU3V/TnknWfVz9YYHD0Wa8gsGJoQLm6BJvOE9j+yIeK2z22S9gPPjhL
Hi Liam, I’d argue if you are adding them at runtime, you could/should just include them as Docker Config/bind mount/k8 configmap instead of doing it in the container start-up. Otherwise add them to the image, if those CA certs are shared across env: RUN /usr/lib/jvm/zulu-8/bin/keytool -import -alias ourCA -keystore /usr/lib/jvm/zulu-8/jre/lib/security/cacerts -file /cacert.der -storepass changeit -noprompt
From: <> on behalf of Liam Hoekenga <> Does anyone have any pointers on adding custom CA certificates to the java cacerts keystore inside of a container? Liam |
- managing java CA keystore in a container?, Liam Hoekenga, 07/11/2018
- Re: managing java CA keystore in a container?, John Gasper, 07/11/2018
- RE: managing java CA keystore in a container?, Coleman, Erik C, 07/12/2018
- Re: managing java CA keystore in a container?, Liam Hoekenga, 07/12/2018
- Re: managing java CA keystore in a container?, John Gasper, 07/11/2018
Archive powered by MHonArc 2.6.19.