medizininformatik-initiative / feasibility-backend

Backend of the feasibility-gui.
Apache License 2.0

Support self-signed certificates #203

Closed juliangruendner closed 10 months ago

juliangruendner commented 10 months ago

Many DIC have their own certificate authorities (CAs), which are not supported by a standard java installation.

The backend component should be changed to apply CA certs to a java-cacerts truststore on startup in the Dockerfile via a docker-entrypoint.sh, and the application should then start up with this specific truststore.

All ca certificates in a respective folder should then be added to the truststore.

As this is needed for all our components an example implementation of this can be found here: https://github.com/medizininformatik-initiative/flare/blob/develop/Dockerfile https://github.com/medizininformatik-initiative/flare/blob/develop/docker-entrypoint.sh https://github.com/medizininformatik-initiative/flare/blob/develop/README.md#support-for-self-signed-certificates

To test your implementation: Add your own CA certs to the backend and use the generated do certs for your nginx in front of a blaze FHIR server or a FLARE server of the feasibility deploy repo.

The easiest way to test this is to start the feasibility-triangle locally with a cert (and key) in the auth folder of the triangle. https://github.com/medizininformatik-initiative/feasibility-deploy/tree/main/feasibility-triangle Then start your new backend version in a docker container in the same project (-p param for docker compose) and connect to the nginx of the triangle inside the docker network - note the domain name would have to be the docker internal one feasibility-triangle-nginx and the FLARE will have to connect to the nginx on port 8443.
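The entrypoint shape the issue asks for, as an added example written for this page (it is not the feasibility-backend's or FLARE's own docker-entrypoint.sh). It assumes, as placeholders not taken from the issue, that CA files are mounted as `*.pem`/`*.crt` under `/app/certs`, that `JAVA_HOME` points at the JRE whose default `cacerts` is copied as the starting point (so public CAs keep working), that the application jar is `/app/app.jar`, and that the copied store keeps Java's default `changeit` password. Every import goes into a private copy of the truststore rather than the JRE's own file, and the functions are kept separate from the `exec` so they can be sourced and checked without a JVM.

```bash
#!/bin/sh
# docker-entrypoint.sh (added example, not the project's own file).
# Assumed paths and password; override them via the environment.
set -eu

CERT_DIR="${CERT_DIR:-/app/certs}"
TRUSTSTORE="${TRUSTSTORE:-/app/truststore/cacerts}"
TRUSTSTORE_PASS="${TRUSTSTORE_PASS:-changeit}"
APP_JAR="${APP_JAR:-/app/app.jar}"

# Print the CA files (*.pem and *.crt) in a directory, one per line.
# A missing directory is not an error: the backend simply starts with the
# default JRE trust anchors.
list_ca_certs() {
    dir="$1"
    [ -d "$dir" ] || return 0
    for f in "$dir"/*.pem "$dir"/*.crt; do
        [ -f "$f" ] && printf '%s\n' "$f"
    done
    return 0
}

# Derive a keytool alias from the file name: /app/certs/dic-root.pem -> dic-root.
cert_alias() {
    name=${1##*/}
    printf '%s\n' "${name%.*}"
}

# JVM system properties that point the application at the private truststore.
truststore_java_opts() {
    printf '%s' "-Djavax.net.ssl.trustStore=$1 -Djavax.net.ssl.trustStorePassword=$2"
}

# Copy the JRE's cacerts and import every CA file from $1 into the copy.
# Requires keytool from the JRE; run at container start, before exec'ing java.
import_ca_certs() {
    dir="$1"; store="$2"; pass="$3"
    mkdir -p "$(dirname "$store")"
    cp "${JAVA_HOME}/lib/security/cacerts" "$store"
    list_ca_certs "$dir" | while IFS= read -r cert; do
        keytool -importcert -noprompt -trustcacerts \
            -keystore "$store" -storepass "$pass" \
            -alias "$(cert_alias "$cert")" -file "$cert"
    done
}

main() {
    import_ca_certs "$CERT_DIR" "$TRUSTSTORE" "$TRUSTSTORE_PASS"
    # shellcheck disable=SC2086  # JAVA_OPTS is intentionally word-split
    exec java ${JAVA_OPTS:-} $(truststore_java_opts "$TRUSTSTORE" "$TRUSTSTORE_PASS") \
        -jar "$APP_JAR" "$@"
}

# Only start the application when invoked as the entrypoint; sourcing the file
# (for example from a test) just defines the functions.
if [ "${0##*/}" = "docker-entrypoint.sh" ]; then
    main "$@"
fi
```

In the Dockerfile this would be `COPY docker-entrypoint.sh /app/` and `ENTRYPOINT ["/app/docker-entrypoint.sh"]`, with the CA directory mounted at run time. Because the store is rebuilt from the JRE default on every start, removing a file from the mounted directory also removes that CA from the trust set on the next restart, and the image's own `cacerts` is never modified.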

juliangruendner commented 10 months ago

@michael-82 - please also consult with @EmteZogaf