Skip to content

Commit

Permalink
Update serverlessworkflow/modules/ROOT/pages/cloud/operator/add-custo…
Browse files Browse the repository at this point in the history
…m-ca-to-a-workflow-pod.adoc

Co-authored-by: Tomáš David <[email protected]>
  • Loading branch information
rgolangh and tomasdavidorg authored Apr 3, 2024
1 parent 5b8d5d4 commit acc6afc
Showing 1 changed file with 1 addition and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ If you're working with containers running Java applications and need to add a CA
If you have a containerized Java application that connects to an SSL endpoint with a certificate signed by an internal authority (like SSL terminated routes on a cluster) you need to make sure Java can read the CA Authority certificate and verify it. Java unfortunately doesn't load certificates directly, but rather store them in a {keytool-docs}[keystore].

The default trust store under `$JAVA_HOME/lib/security/cacerts` contains only CA's which are shipped with the Java distribution and there's the `keytool` tool that knows how to manipulate those key stores.
The containerized application may not know the CA certificate in build time, and so we need to add it to the trust-store in deployment. To automate that we can a combination of an init-container and a shared directory to pass the mutated trust store to the container before it runs. Let's run this step by step:
The containerized application may not know the CA certificate in build time, and so we need to add it to the trust-store in deployment. To automate that we can use a combination of an init-container and a shared directory to pass the mutated trust store to the container before it runs. Let's run this step by step:

=== Step 1: Obtain the CA Certificate

Expand Down

0 comments on commit acc6afc

Please sign in to comment.