[cas-user] How to set custom Java TrustStore for CAS Maven Overlay

[Sam Erie]

So I have tested my certifications using the suggested SSLPoke tool, and I know I can use the java option -Djavax.net.ssl.trustStore=<path> to make CAS use the correct custom java truststore for my ldap connection. I was even able to get it to run like java -Djavax.net.ssl.trustStore=<path> -jar target/cas.war. However I am trying to set it up to use ./build.sh run maven command.

My question is how can I set a custom truststore for CAS to run? There is a keystore property, and a trustCertificates property (which does not take a keystore, only loose certs). There is a truststore property for server or httpClient. I must be missing something, because this seems like a pretty common usage case. 

Or is there a way to set the execution command? Or an environmental variable I can set? (I tried JAVA_OPTS, MAVEN_OPTS, CATALINA_OPTS etc) I have tried many things, but there is so much documentation I am having trouble finding this specific answer. 

I appreciate any advice, hopefully this isn't something extremely obvious that is just eluding me because I have been staring at it for so long.