openhab / openhab-core

Core framework of openHAB
https://www.openhab.org/
Eclipse Public License 2.0

Import CA certificate during startup of docker container #3805

Closed justsomebody42 closed 3 months ago

justsomebody42 commented 11 months ago

I have a private CA which I use to secure all of my self-hosted applications to allow trusted access after importing the CA certificate. OpenHAB3 (running as a docker container) interacts with a couple of these applications and thus needs to import the CA certificate as well. I currently do so manually after each update by copying the CA certificate to /usr/local/share/ca-certificates and running update-ca-certificates. This requires a restart of the container and of course has to be repeated each time the container is recreated (e.g. during updates).

I was wondering if it would be possible to add some kind of init routine to check for a certificate in the userdata folder during startup and add a provided certificate automatically.


wborn commented 11 months ago

You can run a script before it starts openHAB, see:

https://github.com/openhab/openhab-docker/tree/main#executing-shell-scripts-before-openhab-is-started

There are some examples of the scripts here:

https://github.com/openhab/openhab-docker/tree/main/contrib/cont-init.d

So it will probably work if it looks like:

#!/bin/bash -ex

# Copy the CA certificate from userdata into the system trust store and rebuild
# the bundle. The target file name must end in .crt, otherwise
# update-ca-certificates ignores it.
cp "${OPENHAB_USERDATA}/etc/my-certificate" /usr/local/share/ca-certificates/my-certificate.crt
update-ca-certificates

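
A fuller version of that startup script, as an added example that is not from the openHAB project or this thread: it imports every PEM certificate found under an assumed ${OPENHAB_USERDATA}/ca-certs directory (which could equally be a mounted volume), forces the .crt suffix, skips files that are not certificates, and only rebuilds the trust store when something actually changed. CERT_SRC, CERT_DST and UPDATE_CMD are assumed variable names that let the logic be exercised outside the container.

```shell
#!/bin/bash
# Added example, not openHAB project code: cont-init.d style CA import.
# CERT_SRC, CERT_DST and UPDATE_CMD are assumed names, overridable for testing.
set -e
CERT_SRC="${CERT_SRC:-${OPENHAB_USERDATA:-/openhab/userdata}/ca-certs}"
CERT_DST="${CERT_DST:-/usr/local/share/ca-certificates}"
UPDATE_CMD="${UPDATE_CMD:-update-ca-certificates}"

# Accept a file only if it carries a PEM certificate header and footer;
# keys, DER blobs and stray files are reported and skipped, never trusted.
is_pem_cert() {
  grep -q -- '-----BEGIN CERTIFICATE-----' "$1" &&
    grep -q -- '-----END CERTIFICATE-----' "$1"
}

# Copy new or changed certificates into the trust store directory, forcing
# the .crt suffix update-ca-certificates requires; print how many were installed.
install_ca_certs() {
  local src="$1" dst="$2" installed=0 f name target
  if [ ! -d "$src" ]; then
    echo "no $src directory, nothing to import" >&2
    echo 0
    return 0
  fi
  mkdir -p "$dst"
  for f in "$src"/*; do
    [ -f "$f" ] || continue
    if ! is_pem_cert "$f"; then
      echo "skipping $f: not a PEM certificate" >&2
      continue
    fi
    name="$(basename "$f")"
    target="$dst/${name%.crt}.crt"
    # Identical file already installed: leave it, so restarts stay idempotent.
    if [ -f "$target" ] && cmp -s "$f" "$target"; then
      continue
    fi
    cp "$f" "$target"
    installed=$((installed + 1))
  done
  echo "$installed"
}

main() {
  n="$(install_ca_certs "$CERT_SRC" "$CERT_DST")"
  if [ "$n" -gt 0 ]; then
    echo "installed $n CA certificate(s), rebuilding trust store" >&2
    "$UPDATE_CMD"
  fi
}
main
```

Dropped into the image's cont-init.d directory it runs before openHAB starts; on a container where nothing under ca-certs changed it exits without touching the trust store.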
rkoshak commented 11 months ago

You could also just mount the certificate as a volume and the script would just need to run update-ca-certificates.

Another approach is you could create a new Image based on the openHAB image with the certificate already part of the image and update-ca-certificates already run.

It all depends on how you want to maintain it.

justsomebody42 commented 11 months ago

Thanks a lot for your suggestions! I will try it next week, as I'm out this week, and provide feedback :)

stale[bot] commented 9 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.