英文:
Kpack: How to add a custom certificate into JVM truststore of a kpack generated Image
问题
我使用kpack生成Java - Spring Boot应用程序的容器镜像。我需要生成容器镜像中的JVM信任自定义自签名证书。我该如何构建所需的YAML文件?
英文:
I am using kpack to generate container images of a Java - Spring Boot app. I need the JVM in the generated container image to trust a custom self-signed certificate. How do I construct the required YAML(s) for this?
答案1
得分: 1
首先,我假设您正在使用Paketo构建包,文档 解释了如何在构建包中为JVM Truststore提供CA证书,可以在以下两种情况下进行:
- 构建时(如果您在各个环境中使用相同的CA证书,这是最简单的解决方案,因为您只需在构建时提供CA证书,镜像就可以准备好部署)或者
- 运行时(如果您的CA证书在不同环境中不同,这是一个更复杂的选项,因为在kpack中,您需要在部署时提供并绑定CA证书)。
如果选择运行时,那么您需要创建一个服务绑定,将其链接到您的CA证书。
希望对您有所帮助!
英文:
First, I assume you are using Paketo buildpacks, and the documentation explains how you can provide a CA certificate to your JVM Truststore, either at
- buildtime (if you use the same CA certificate for your image across your environments; that's the easiest solution since you just need to provide your CA cert during buildtime and the image is ready to be deployed) or at
- runtime (if your CA cert is going to be different across environments; that's a more complicated option since at deployment time, in kpack, you will need to provide and bind the CA certificate)
If you choose runtime, then you would need to create a service binding that would link to your CA certificate
Hope that helps!
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论