SSL config in Docker installation
35 views
Skip to first unread message
Jorith vd Heuvel
May 9, 2023, 6:17:09 AM5/9/23
to dotCMS User Group
Hi,
I'm currently upgrading dotCMS for one of our customers and we're moving from a binary installation to Docker. This dotCMS has an Apache server in front of it acting as a reverse proxy. The communication between Apache and dotCMS is also running over SSL, so in our old dotCMS we have the following entry in server.xml:
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/***.pfx"
certificateKeystorePassword="***"
type="RSA" />
</SSLHostConfig>
</Connector>
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/***.pfx"
certificateKeystorePassword="***"
type="RSA" />
</SSLHostConfig>
</Connector>
What would be the best way to set this up in Docker?
As far as I can see the SSL configuration inside the docker image is hardcoded to "conf/local.dotcms.site.pem" with password "dotcms". I could volume mount our keystore to conf/local.dotcms.site.pem, but then still the password is hardcoded, and I don't like to set the password of our production keys to 'dotcms'.
Will Ezell
May 9, 2023, 9:49:43 AM5/9/23
to dot...@googlegroups.com
If you don't want to change your keystore password, I think the best bet would be to mount a new server.xml that points to your custom keystore.
--
http://dotcms.com - Open Source Java Content Management
---
You received this message because you are subscribed to the Google Groups "dotCMS User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dotcms+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dotcms/f4d315d5-cd26-4b80-a63f-ceea53cdd69en%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages