Install LetsEncrypt CA in packaging environment

hooks/containerbuild/debian/install-letsencrypt-ca

@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+set -e
+
+cat >> Dockerfile <<EOF
+ENV DEBIAN_FRONTEND=noninteractive
+RUN apt-get update && apt-get install --yes --no-install-recommends openssl ca-certificates
+
+ADD https://letsencrypt.org/certs/isrgrootx1.pem.txt /usr/local/share/ca-certificates/isrgrootx1.pem
+ADD https://letsencrypt.org/certs/isrg-root-x2.pem  /usr/local/share/ca-certificates/isrg-root-x2.pem
+ADD https://letsencrypt.org/certs/trustid-x3-root.pem.txt /usr/local/share/ca-certificates/trustid-x3-root.pem
+ADD https://letsencrypt.org/certs/letsencryptauthorityx3.pem /usr/local/share/ca-certificates/letsencryptauthorityx3.pem 
+
+RUN cd /usr/local/share/ca-certificates \
+ && openssl x509 -in isrgrootx1.pem -inform PEM -out isrgrootx1.crt \
+ && openssl x509 -in trustid-x3-root.pem -inform PEM -out trustid-x3-root.crt \
+ && openssl x509 -in letsencryptauthorityx3.pem -inform PEM -out letsencryptauthorityx3.crt \
+ && openssl x509 -in isrg-root-x2.pem -inform PEM -out isrg-root-x2.crt
+
+RUN update-ca-certificates 
+
+ENV DEBIAN_FRONTEND=
+EOF

profiles/debian.conf

@@ -7,7 +7,8 @@ default_image=debian:stretch
 [containerbuild]
 hooks=
   containerbuild/debian/install-build-essential,
-  containerbuild/debian/install-git
+  containerbuild/debian/install-git,
+  containerbuild/debian/install-letsencrypt-ca
 
 # Configuration de l'étape de pré-construction du paquet
 [prebuild]