Re: PWM https ssl docker

[Jason Rivard]

See 'Settings ⇨ HTTPS Server ⇨ HTTPS Private Key & Certificate'

On Friday, January 19, 2024 at 8:05:07 AM UTC-6 Andrii Malyi wrote:

Hello.

I'm trying to automate PWM HTTPS configuration in the PWM docker.

I can't find anything about how to install Letsencrypt certs inside docker container to use PWM HTTPS.
I mounted a docker volume with ssl certs to PWM docker container and tried to import to Java cacerts using 
keytool -import -cacerts -keypass changeit -storepass changeit -noprompt -file mydomain.cer -alias "mydomain"

Command was successful, but after PWM container restart it's not working.

[Jason Rivard]

The GUI is the only way.  If you want to do it another way, you will need to use the WAR artifact with your own tomcat, than you can configure tomcat as you wish.

On Friday, January 19, 2024 at 1:52:06 PM UTC-6 Andrii Malyi wrote:

I know where to install in the GUI. What I can't find the format of the certificate required and how to install using command line or on container start.

For example: I have Letencrypt ecc (ECDSA) certificate for the domain. I want to use it in PWM HTTPS configuration. How to do this using shell.  

[Jason Rivard]

Not directly, you'd need to use java keytool or other utility to convert it to a java keystore.  You could try it though.   You'd need to change the docker script around to do it before PWM actually starts.

On Friday, February 2, 2024 at 6:30:20 PM UTC-5 Andrii Malyi wrote:

What about  docker exec -it pwm /app/command.sh ImportHttpsKeyStore ? Is it possible to use it to import p12 certificate?

On Saturday, January 20, 2024 at 3:43:30 AM UTC+1 Andrii Malyi wrote:

How about the command.sh?