My scrapbook about almost anything I stumble upon in my tech world. If you find anything useful don't forget to give thumbs-up :)


Monday, April 5, 2021

Import Certificate in Container Image

To allow external docker image in the enterprise environment is always tricky with lot of questions to answer such as how to certify the image for enterprise usage and how other internal processes will know if this image is created within the organization.

It is easy and pretty straightforward, let's see how do we do it - 
  • Generate the Certificate for your Enterprize, these certificates should be generalized or specific to the applicaton. 
  • Once generated, you need to add the below steps in dockerfile to import the certificate. Assuming, your certificates are residing in a folder named "certs"
    • Add below lines in dockerfile with all other lines
      • COPY certs/* temp/
      • RUN cp temp/*.cer /etc/pki/ca-trust/source/anchors/ && update-ca-trust
    • You can combine these 2 steps with other steps to avoid the extra layer in your image

update-ca-trust can change a little bit based on the type of certificate you are trying to import in the image, You can find the detailed info on MAN page of the command.  
Now you can use this image within the enterprise and with proof (kind of) that this image is generated/created in org. 

This is all for today, Will see you next with a new post, Till then.. Happy Learning !! 

Like the below page to get the update  

Facebook Page      Facebook Group      Twitter Feed      Telegram Group

No comments:

Post a Comment


The postings on this site are my own and don't necessarily represent IBM's or other companies positions, strategies or opinions. All content provided on this blog is for informational purposes and knowledge sharing only.
The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of his information.