Update LetsEncrypt certs

This commit is contained in:
wpetit 2021-02-22 15:41:22 +01:00
parent 4b61e5dafc
commit 546e62e077
1 changed files with 23 additions and 18 deletions

View File

@ -2,22 +2,27 @@
set -e set -e
cat >> Dockerfile <<EOF DESTDIR=/usr/local/share/ca-certificates
ENV DEBIAN_FRONTEND=noninteractive UPDATE_CERTS_CMD=update-ca-certificates
RUN apt-get update && apt-get install --yes --no-install-recommends openssl ca-certificates CERTS="$(cat <<EOF
https://letsencrypt.org/certs/isrgrootx1.pem
ADD https://letsencrypt.org/certs/isrgrootx1.pem.txt /usr/local/share/ca-certificates/isrgrootx1.pem https://letsencrypt.org/certs/isrg-root-x2.pem
ADD https://letsencrypt.org/certs/isrg-root-x2.pem /usr/local/share/ca-certificates/isrg-root-x2.pem https://letsencrypt.org/certs/lets-encrypt-r3.pem
ADD https://letsencrypt.org/certs/trustid-x3-root.pem.txt /usr/local/share/ca-certificates/trustid-x3-root.pem https://letsencrypt.org/certs/lets-encrypt-e1.pem
ADD https://letsencrypt.org/certs/letsencryptauthorityx3.pem /usr/local/share/ca-certificates/letsencryptauthorityx3.pem https://letsencrypt.org/certs/lets-encrypt-r4.pem
https://letsencrypt.org/certs/lets-encrypt-e2.pem
RUN cd /usr/local/share/ca-certificates \
&& openssl x509 -in isrgrootx1.pem -inform PEM -out isrgrootx1.crt \
&& openssl x509 -in trustid-x3-root.pem -inform PEM -out trustid-x3-root.crt \
&& openssl x509 -in letsencryptauthorityx3.pem -inform PEM -out letsencryptauthorityx3.crt \
&& openssl x509 -in isrg-root-x2.pem -inform PEM -out isrg-root-x2.crt
RUN update-ca-certificates
ENV DEBIAN_FRONTEND=
EOF EOF
)"
echo "ENV DEBIAN_FRONTEND=noninteractive" >> Dockerfile
echo "RUN apt-get update && apt-get install --yes --no-install-recommends openssl ca-certificates" >> Dockerfile
for cert in $CERTS; do
filename=$(basename "$cert")
echo "ADD $cert $DESTDIR/$filename" >> Dockerfile
echo "RUN openssl x509 -in '$DESTDIR/$filename' -inform PEM -out '$DESTDIR/$filename.crt'" >> Dockerfile
done
echo "RUN $UPDATE_CERTS_CMD" >> Dockerfile
echo "ENV DEBIAN_FRONTEND=" >> Dockerfile