search

medizininformatik-initiative / feasibility-backend

Backend of the feasibility-gui.
Apache License 2.0
2 stars 4 forks source link

Allow using custom trust store for ssl connections #196

Open EmteZogaf opened 1 year ago

EmteZogaf commented 1 year ago

Connections to keycloak and to the backend itself using https leads to certificate verification errors in the test environment, because the domain certificate's issuing certificate is not part of the base docker image ssl certificates.

Current workaround is to mount a custom trust store containing all necessary ca certificates and injecting it into the jvm by adding the environment variable JDK_JAVA_OPTIONS to the backend environment in the docker-compose.yml:

    environment:
      JDK_JAVA_OPTIONS: "-Djavax.net.ssl.trustStore=/mount/path/of/backend-truststore.p12 -Djavax.net.ssl.trustStorePassword=securePassword"
juliangruendner commented 1 month ago

@EmteZogaf check back with @michael-82 after he has finished this PR #238 and check if that does not already resolve your problem.