Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Updating system SSL and java keystore in a docker build
# Compile and install certificates for the Java trust keystore
# and main keystore. Let's face it, this is everyone's keystore password.
# Note I install java very flatly normally.
COPY trust-certs/ /usr/local/share/ca-certificates/
RUN update-ca-certificates && \
ls -1 /usr/local/share/ca-certificates | while read cert; do \
openssl x509 -outform der -in /usr/local/share/ca-certificates/$cert -out $cert.der; \
/java/bin/keytool -import -alias $cert -keystore /java/jre/lib/security/cacerts -trustcacerts -file $cert.der -storepass changeit -noprompt; \
rm $cert.der; \
Copy link


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment