Newer
Older
This is a set of Dockerfiles that can bootstrap an internal [`step-ca`](https://github.com/smallstep/certificates/) server on top of an OS image.
It can serve as a pattern for trusting internal CAs, for any Docker image.
* `ubuntu:focal`
* `alpine:latest`
## Example usage
Say we want the `mongo` image to trust an internal CA. `mongo` uses `ubuntu:focal`. So start with `Dockerfile.ubuntu`, and change `FROM ubuntu:focal` to `FROM mongo`. Build it and you will get a MongoDB server that trusts your CA.
The CA URL and Fingerprint can be hardcoded in the `Dockerfile`, or supplied as build arguments:
docker build -f Dockerfile.ubuntu . --build-arg CA_URL=https://ca.example.com --build-arg CA_FINGERPRINT=abc123123
docker build -f Dockerfile.alpine . --build-arg CA_URL=https://ca.example.com --build-arg CA_FINGERPRINT=abc123123
