我必须在 Docker 容器中添加我自己的 CA 证书。
当我尝试在 Dockerfile 中运行命令“dpkg-reconfigure ca-certificates”时,它失败了,因为无法使用交互式界面。
如何在dockerfile中交互运行?
或者是否可以告诉“dpkg-reconfigure ca-certificates”启用所有证书而无需询问?
这是 Dockerfile:
# Docker Image which is used as foundation to create
# a custom Docker Image with this Dockerfile
FROM node:15
ENV NODE_EXTRA_CA_CERTS=/usr/src/app/mrootca.pem
ENV TERM=xterm
# A directory within the virtualized Docker environment
# Becomes more relevant when using Docker Compose later
WORKDIR /usr/src/app
# install CA cetificare in the OS
COPY ./mrootca.pem /usr/share/ca-certificates/mrootca.crt
RUN dpkg-reconfigure ca-certificates
# Copies package.json and package-lock.json to Docker environment
COPY package*.json ./
COPY mrootca.pem ./
# Installs all node packages
RUN npm install
# Copies everything over to Docker environment
COPY . .
# Uses port which is used by the actual application
EXPOSE 3000
# Finally runs the application
CMD [ "npm", "start" ]
使用以下命令生成docker镜像:
docker build --tag fpresenter:v1 .
答案1
dpkg-reconfigure --frontend noninteractive ca-certificates
但你根本不必运行该命令,只需调用update-ca-certificates收集命令(默认情况下)全部来自和的证书/usr/share/ca-certificates/*.crt并将/usr/local/share/ca-certificates/*.crt它们全部链接到/etc/ssl/certs/,运行c_rehash快速查找并将构建/etc/ssl/certs/ca-certificates.crt包含所有证书的证书。
如果您想要禁用某些证书(或者仅启用几个),您可以通过/etc/ca-certificates.conf原始命令生成的文件来选择(取消选择)它们。