docker container ssl certificates

后端 未结 4 1875
伪装坚强ぢ
伪装坚强ぢ 2020-11-29 16:32

Is there any elegant way to add ssl certificates to images that have come from docker pull?.

I\'m looking for a simple and reproducible way of adding a file into /et

相关标签:
4条回答
  • 2020-11-29 17:05

    Mount the certs onto the Docker container using -v:

    docker run -v /host/path/to/certs:/container/path/to/certs -d IMAGE_ID "update-ca-certificates"
    
    0 讨论(0)
  • 2020-11-29 17:16

    As was suggested in a comment above, if the certificate store on the host is compatible with the guest, you can just mount it directly.

    On a Debian host (and container), I've successfully done:

    docker run -v /etc/ssl/certs:/etc/ssl/certs:ro ...
    
    0 讨论(0)
  • 2020-11-29 17:16

    You can use relative path to mount the volume to container:

    docker run -v `pwd`/certs:/container/path/to/certs ...
    
    

    Note the back tick on the pwd which give you the present working directory. It assumes you have the certs folder in current directory that the docker run is executed. Kinda great for local development and keep the certs folder visible to your project.

    0 讨论(0)
  • 2020-11-29 17:25

    I am trying to do something similar to this. As commented above, I think you would want to build a new image with a custom Dockerfile (using the image you pulled as a base image), ADD your certificate, then RUN update-ca-certificates. This way you will have a consistent state each time you start a container from this new image.

    # Dockerfile
    FROM some-base-image:0.1
    ADD you_certificate.crt:/container/cert/path
    RUN update-ca-certificates
    

    Let's say a docker build against that Dockerfile produced IMAGE_ID. On the next docker run -d [any other options] IMAGE_ID, the container started by that command will have your certificate info. Simple and reproducible.

    0 讨论(0)
提交回复
热议问题