Skip to content
This repository has been archived by the owner on Jul 17, 2024. It is now read-only.

Commit

Permalink
Add CERN bundle instead of individual certificates
Browse files Browse the repository at this point in the history 
To prevent issues if individual certificates change their names in
future updates of CERN-CA-certs, as advised in:
https://cern.service-now.com/service-portal?id=kb_article&n=KB0008813
  • Loading branch information
@etejedor
etejedor committed Apr 28, 2023
1 parent 40b60c2 commit 6a943a9
Showing 1 changed file with 1 addition and 3 deletions.
4 changes: 1 addition & 3 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -177,9 +177,7 @@ ADD etc/grid-security/vomsdir /etc/grid-security/vomsdir

# Create truststore for NXCALS Spark connection
RUN yum -y install java-1.8.0-openjdk && \
keytool -import -alias cerngridCA -file /etc/pki/tls/certs/CERN_Grid_Certification_Authority\(1\).crt \
-keystore /etc/pki/tls/certs/truststore.jks -storepass 'password' -noprompt && \
keytool -import -alias cernRootCA2 -file /etc/pki/tls/certs/CERN_Root_Certification_Authority_2.crt \
keytool -import -alias cernbundle -file /etc/pki/tls/certs/CERN-bundle.crt \
-keystore /etc/pki/tls/certs/truststore.jks -storepass 'password' -noprompt && \
yum -y erase java-1.8.0-openjdk && \
rm -rf /usr/lib/jvm/
Expand Down

0 comments on commit 6a943a9

Please sign in to comment.