How do we add a certificate to truststore in docker setup? #10506
-
|
I have searched a lot of places but so far no luck. I am trying to make an LDAPS connection with the docker setup of Keycloak but I have no idea where to add the certificate. The installation has no trust store (or at least I couldn't find) and java binaries included in the container are confusing (there are multiple paths like What should I do to make Keycloak trust my certificate? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
I also wondered about this. Here's what I ended up doing. Reference https://www.keycloak.org/server/keycloak-truststore we see that we can pass a java keystore to the docker entry point using the command line arguments So now we just ned to create a java keystore file, which you can find examples of in many places such as https://stackoverflow.com/questions/11952274/how-can-i-create-keystore-from-an-existing-certificate-abc-crt-and-abc-key-fil So I created my keystore, named it as myTrustStore.jks and put it in a volume that I mapped to the docker container. Then I modified the command line in my docker-compose.yml file to something like this:
|
Beta Was this translation helpful? Give feedback.
I also wondered about this. Here's what I ended up doing.
Reference https://www.keycloak.org/server/keycloak-truststore we see that we can pass a java keystore to the docker entry point using the command line arguments
--spi-truststore-file-file=myTrustStore.jks --spi-truststore-file-password=password --spi-truststore-file-hostname-verification-policy=ANYSo now we just ned to create a java keystore file, which you can find examples of in many places such as https://stackoverflow.com/questions/11952274/how-can-i-create-keystore-from-an-existing-certificate-abc-crt-and-abc-key-fil
So I created my keystore, named it as myTrustStore.jks and put it in a volume that I mapped to the docker cont…