Scott Baker | 58e88a8 | 2016-11-18 13:39:09 -0800 | [diff] [blame] | 1 | # ONOS dockerfile with XOS/CORD additions |
| 2 | |
| 3 | FROM {{ onos_docker_image }} |
| 4 | MAINTAINER Zack Williams <zdw@cs.arizona.edu> |
| 5 | |
| 6 | # Add SSL certs |
Zack Williams | c047c87 | 2017-01-11 08:38:15 -0700 | [diff] [blame] | 7 | COPY cord_root_ca.crt /usr/local/share/ca-certificates/cord_root_ca.crt |
Zack Williams | c989f26 | 2017-05-11 13:02:59 -0700 | [diff] [blame] | 8 | COPY cord_{{ site_name }}_im_ca.crt /usr/local/share/ca-certificates/cord_{{ site_name }}_im_ca.crt |
Scott Baker | 58e88a8 | 2016-11-18 13:39:09 -0800 | [diff] [blame] | 9 | RUN update-ca-certificates |
| 10 | |
| 11 | # Create Java KeyStore from certs |
Zack Williams | c047c87 | 2017-01-11 08:38:15 -0700 | [diff] [blame] | 12 | RUN openssl x509 -in /usr/local/share/ca-certificates/cord_root_ca.crt \ |
| 13 | -outform der -out /usr/local/share/ca-certificates/cord_root_ca.der && \ |
Zack Williams | c989f26 | 2017-05-11 13:02:59 -0700 | [diff] [blame] | 14 | openssl x509 -in /usr/local/share/ca-certificates/cord_{{ site_name }}_im_ca.crt \ |
| 15 | -outform der -out /usr/local/share/ca-certificates/cord_{{ site_name }}_im_ca.der && \ |
Zack Williams | c047c87 | 2017-01-11 08:38:15 -0700 | [diff] [blame] | 16 | keytool -import -noprompt -storepass {{ trust_store_pw }} -alias cord_root_ca \ |
| 17 | -file /usr/local/share/ca-certificates/cord_root_ca.der \ |
| 18 | -keystore /usr/local/share/ca-certificates/cord_ca_certs.jks && \ |
Zack Williams | c989f26 | 2017-05-11 13:02:59 -0700 | [diff] [blame] | 19 | keytool -import -noprompt -storepass {{ trust_store_pw }} -alias cord_{{ site_name }}_im_ca \ |
| 20 | -file /usr/local/share/ca-certificates/cord_{{ site_name }}_im_ca.der \ |
Zack Williams | c047c87 | 2017-01-11 08:38:15 -0700 | [diff] [blame] | 21 | -keystore /usr/local/share/ca-certificates/cord_ca_certs.jks |
Scott Baker | 58e88a8 | 2016-11-18 13:39:09 -0800 | [diff] [blame] | 22 | |
Jonathan Hart | 75ac6e9 | 2017-07-25 11:23:08 -0700 | [diff] [blame] | 23 | # Let ONOS know where the keystore is |
| 24 | ENV JAVA_OPTS="-Djavax.net.ssl.trustStore=/usr/local/share/ca-certificates/cord_ca_certs.jks -Djavax.net.ssl.trustStorePassword={{ trust_store_pw }}" |
Scott Baker | 58e88a8 | 2016-11-18 13:39:09 -0800 | [diff] [blame] | 25 | |
Zack Williams | 30c01f9 | 2017-02-19 23:38:52 -0700 | [diff] [blame] | 26 | # Configure ONOS to log with log4j to ElasticStack |
| 27 | COPY org.ops4j.pax.logging.cfg /root/onos/apache-karaf-3.0.5/etc/org.ops4j.pax.logging.cfg |
| 28 | |