commit 34a90328749dd12829b5f0528b69a37f01cfc007 Author: Nicolas Massé Date: Thu Mar 26 10:52:19 2020 +0100 first commit diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..1d88be2 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,16 @@ +FROM adoptopenjdk:11-jre-hotspot + +RUN curl -L -o /usr/local/bin/mkcert https://github.com/FiloSottile/mkcert/releases/download/v1.4.1/mkcert-v1.4.1-linux-amd64 \ + && chmod 755 /usr/local/bin/mkcert + +ADD run.sh /usr/local/bin/run.sh + +ENV PATH="/usr/local/bin:${PATH}" +ENV CAROOT=/certs/ TRUST_STORES="" +ENV SERVER_HOSTNAMES="docker.for.mac.localhost docker.for.win.localhost microcks-keycloak" +ENV JKS_PASSWORD="super-secret" + +VOLUME /certs +WORKDIR /certs + +ENTRYPOINT [ "/usr/local/bin/run.sh" ] diff --git a/run.sh b/run.sh new file mode 100755 index 0000000..7569a90 --- /dev/null +++ b/run.sh @@ -0,0 +1,28 @@ +#!/bin/sh + +if [ -z "$CAROOT" ]; then + echo "CAROOT environment variable not defined. Please set CAROOT to the desired directory." + exit 1 +fi + +if [ -z "$SERVER_HOSTNAMES" ]; then + echo "SERVER_HOSTNAMES environment variable not defined. Please set SERVER_HOSTNAMES to the desired hostnames (each hostname being separated by a space)." + exit 1 +fi + +set -e # Exit immediately if a command exits with a non-zero status. + +mkcert -cert-file "$CAROOT/server.crt" -key-file "$CAROOT/server.key" $SERVER_HOSTNAMES +mkcert -pkcs12 -p12-file "$CAROOT/server.p12" $SERVER_HOSTNAMES + +echo "Creating truststore..." +echo +keytool -import -file "$CAROOT/rootCA.pem" -alias RootCA -keystore "$CAROOT/truststore.jks" -storepass "$JKS_PASSWORD" -trustcacerts -noprompt +echo +echo "Creating keystore..." +echo +keytool -importkeystore -srckeystore "$CAROOT/server.p12" -srcstorepass "changeit" -srcstoretype pkcs12 -destkeystore "$CAROOT/keystore.jks" -deststoretype jks -deststorepass "$JKS_PASSWORD" -destkeypass "$JKS_PASSWORD" -noprompt +echo +echo "Importing Root CA certificate into keystore..." +echo +keytool -import -file "$CAROOT/rootCA.pem" -alias RootCA -keystore "$CAROOT/keystore.jks" -storepass "$JKS_PASSWORD" -trustcacerts -noprompt