Good morning to everyone,
First of all I want to congratulate this entire community for the support
they provide to the uninitiated in everything related to home and to
apologize for my rusty English.
I will explain where I am stuck.
We have a cas service deployed in a kubernettes cluster and we want to add
the recaptcha option to it.
We also have an internet access firewall in our organization that allows
only encrypted traffic with the certificate of the aforementioned firewall.
The problem that I am finding is in adding this certificate to the trusted
certificate store in the docker image because jibDockerBuild does not add
the certificate store of the development machine but a clean one.
I have added the certificate file in / etc / cas / config / and I am trying
to import it through the Dockerfile without any success.
any ideas?
Thanks in advance for the help.
Dockerfile--------------------
FROM adoptopenjdk/openjdk11:alpine-slim AS overlay
RUN mkdir -p cas-overlay
COPY ./src cas-overlay/src/
COPY ./gradle/ cas-overlay/gradle/
COPY ./gradlew ./settings.gradle ./build.gradle ./gradle.properties
/cas-overlay/
RUN mkdir -p ~/.gradle \
&& echo "org.gradle.daemon=false" >> ~/.gradle/gradle.properties \
&& echo "org.gradle.configureondemand=true" >>
~/.gradle/gradle.properties \
&& cd cas-overlay \
&& chmod 750 ./gradlew \
&& ./gradlew --version;
RUN cd cas-overlay \
&& ./gradlew clean build --parallel --no-daemon;
FROM adoptopenjdk/openjdk11:alpine-jre AS cas
LABEL "Organization"="Apereo"
LABEL "Description"="Apereo CAS"
RUN cd / \
&& mkdir -p /etc/cas/config \
&& mkdir -p /etc/cas/services \
&& mkdir -p /etc/cas/saml \
&& mkdir -p cas-overlay;
COPY --from=overlay cas-overlay/build/libs/cas.war cas-overlay/
COPY etc/cas/ /etc/cas/
COPY etc/cas/config/ /etc/cas/config/
COPY etc/cas/services/ /etc/cas/services/
COPY etc/cas/saml/ /etc/cas/saml/
EXPOSE 8080 8443
ENV PATH $PATH:$JAVA_HOME/bin:.
WORKDIR cas-overlay
ENTRYPOINT ["java", "-server", "-noverify", "-Xmx2048M", "-jar", "cas.war"]
CMD ["/opt/java/openjdk/bin/keytool","-noprompt -importcert -keystore
/opt/java/openjdk/lib/security/cacerts -storepass changeit -file
/etc/cas/config/FNGFW_cert_der.crt -alias firewall-cert"]
------------------------------------------
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/cf8c6cc1-39f5-4bb1-bb54-c117f4b4f5d4n%40apereo.org.
