search

TwiN / gatus

⛑ Automated developer-oriented status page
https://gatus.io
Apache License 2.0
6.2k stars 414 forks source link

Specifying the Root Certificate #448

Open danilvoe opened 1 year ago

danilvoe commented 1 year ago

There is a need to specify a specific root certificate, specifying the parameter(client.insecure) is not suitable because you need to save the full verification of the installed certificate on the site.

As an option, it would be suitable that when client.insecure I checked the certificate for expiration

danilvoe commented 1 year ago

In theory, this is how you can specify the official root certificate - https://pkg.go.dev/crypto/x509#Certificate.Verify

meyergru commented 7 months ago

You can have it another way - just add this to your volumes section in compose.yaml:

  volumes:
      ...
      # Mount Docker host's CA certificates
      - /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro

or use "-v '/etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt:ro'" in the docker run command.

That way, the CA certificates from your docker host will be used in the container as well, so you can add some CA in, say, /usr/local/share/ca-certificates/ and thenn call "update-ca-certificates" on the docker host to re-create /etc/ssl/certs/ca-certificates.crt.