Lets encrypt Certificate for wildfly18 running in a docker container

[Joe Danvers]

I'm running an application from my wildfly 18 docker container and management asked me to get an SSL certificate for the domain for security, but I have two issues with this the first one is the container isn't static meaning that it changes twice a day the dev team rebuilds it twice a day so if the rebuild it the SSL configuration would be lost what can i do to deal with this?

the other issue is the certificate how can I export it knowing that I used the Letsencrypt command in CLI to get it rather than using certbot.

[Farah Juma]

On Monday, October 11, 2021 at 12:57:25 PM UTC-4 Joe Danvers wrote:

I'm running an application from my wildfly 18 docker container and management asked me to get an SSL certificate for the domain for security, but I have two issues with this the first one is the container isn't static meaning that it changes twice a day the dev team rebuilds it twice a day so if the rebuild it the SSL configuration would be lost what can i do to deal with this?

Do you mean the server-ssl-context configuration is lost? You could run a CLI script that configures the server-ssl-context from your Dockerfile (e.g., see http://www.mastertheboss.com/soa-cloud/docker/how-to-run-cli-commands-in-wildfly-dockerfile/). (Note that you won't be able to actually obtain the certificate using the CLI until the instance is up and running.)

 

the other issue is the certificate how can I export it knowing that I used the Letsencrypt command in CLI to get it rather than using certbot.

If you need to export the certificate, the following command can be used:

/subsystem=elytron/key-store=serverKS:export-certificate(alias=server, path=YOUR_PATH)

where serverKS should be replaced with the name of your key-store

and alias=server should be updated to reflect the alias of the cert you'd like to export