---
SERVER: Ubuntu Server 20.04 LTS (Standard installation with LVM)
DCM4CHEE-ARC-LIGHT: 5.22.3-secure-ui (deployed with DOCKER-COMPOSE)
---
Hi,
I'd like to set up a third-party SSL certificate on my DCM4CHEE server with docker-compose, without needing to alter the Keycloak-Gatekeeper image.
So, for the docker-compose.yml, I've created a local /etc/certs folder with our cert.pem, cacert.pem and key.pem files.
Then I changed the docker-compose file by mapping the local cert files into the image:
  keycloak-gatekeeper:
    image: dcm4che/keycloak-gatekeeper:10.0.1
    logging:
      driver: gelf
      options:
        gelf-address: "udp://myserverfqdn:12201"
        tag: keycloak-gatekeeper
    ports:
      - "8643:8643"
    environment:
      PROXY_LISTEN: :8643
      PROXY_REDIRECTION_URL: https://myserverfqdn:8643
      PROXY_UPSTREAM_URL: http://kibana:5601
      PROXY_DISCOVERY_URL: https://myserverfqdn:8843/auth/realms/dcm4che
      PROXY_CLIENT_ID: kibana
      PROXY_CLIENT_SECRET: <hidden>
      PROXY_ENCRYPTION_KEY: <hidden>
    command:
      - "--openid-provider-timeout=120s"
      - "--tls-cert=/etc/certs/cert.pem"
      - "--tls-private-key=/etc/certs/key.pem"
      - "--tls-ca-certificate=/etc/certs/cacert.pem"
      - "--skip-openid-provider-tls-verify=false"
      - "--enable-refresh-tokens=true"
      - "--resources=uri=/*|roles=auditlog"
    depends_on:
      - kibana
      - keycloak
    volumes:
      - /etc/certs/cert.pem:/etc/certs/cert.pem:ro
      - /etc/certs/key.pem:/etc/certs/key.pem:ro
      - /etc/certs/key.pem:/etc/certs/cacert.pem:ro
Well, the certificate never gets loaded... can you help me here?
Thanks.
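
A static check over the service's `command` and `volumes` entries, as an added example that is not part of the original post: it reports every `--tls-*` path that is not bind-mounted, or that is backed by a differently named or already used host file. The function names are hypothetical, the two lists are copied from the compose fragment above, and short-syntax POSIX bind mounts are assumed.

```python
import posixpath

# Constructed sample: TLS-related entries copied from the compose service above.
COMMAND = [
    "--openid-provider-timeout=120s",
    "--tls-cert=/etc/certs/cert.pem",
    "--tls-private-key=/etc/certs/key.pem",
    "--tls-ca-certificate=/etc/certs/cacert.pem",
]
VOLUMES = [
    "/etc/certs/cert.pem:/etc/certs/cert.pem:ro",
    "/etc/certs/key.pem:/etc/certs/key.pem:ro",
    "/etc/certs/key.pem:/etc/certs/cacert.pem:ro",
]


def parse_mounts(volumes):
    """Map container path -> host path for short-syntax bind mounts."""
    mounts = {}
    for spec in volumes:
        parts = spec.split(":")
        if len(parts) >= 2 and parts[0].startswith("/"):
            mounts[parts[1]] = parts[0]
    return mounts


def audit_tls_mounts(command, volumes):
    """Return findings for --tls-* flags whose file mapping looks wrong."""
    mounts = parse_mounts(volumes)
    findings = []
    first_user = {}  # host path -> first flag that consumed it
    for arg in command:
        flag, sep, path = arg.partition("=")
        if not (sep and flag.startswith("--tls-")):
            continue
        if path not in mounts:
            findings.append(f"{flag}: {path} is not bind-mounted into the container")
            continue
        host = mounts[path]
        if posixpath.basename(host) != posixpath.basename(path):
            findings.append(f"{flag}: {path} is backed by host file {host}")
        if host in first_user:
            findings.append(f"{flag}: shares host file {host} with {first_user[host]}")
        first_user.setdefault(host, flag)
    return findings


if __name__ == "__main__":
    for finding in audit_tls_mounts(COMMAND, VOLUMES):
        print(finding)
```

Both findings on the sample point at the third volume entry, where the container's `cacert.pem` is backed by the host's `key.pem`, so the private key is presented where the CA certificate is expected.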