ssl_client:raw.githubusercontent.com:证书验证失败:自签名证书位于

时间:2019-09-11 08:50:46

标签: java linux docker wget alpine

构建docker映像时出现以下错误,特别是在openjdk安装上

  

ssl_client:raw.githubusercontent.com:证书验证   失败:自签名证书       证书链       wget:错误获得响应:对等重置连接

我尝试了另一个SO问题中提到的方法

RUN  apk update
RUN apk add ca-certificates
RUN  update-ca-certificates

但随后我收到此警告:

  

警告:ca-certificates.crt不完全包含一个证书   或CRL:跳过

这是我的整个docker文件:

FROM alpine:3.10 as builder

ARG VERSION=7.12.0
ARG DISTRO=tomcat
ARG SNAPSHOT=true

ARG EE=false
ARG USER
ARG PASSWORD

RUN apk add --no-cache \
        ca-certificates \
        maven \
        tar \
        wget \
        xmlstarlet

COPY settings.xml download.sh camunda-tomcat.sh camunda-wildfly.sh  /tmp/

RUN /tmp/download.sh


##### FINAL IMAGE #####

FROM alpine:3.10

ARG VERSION=7.12.0

#MSSQL SERVER JDBC DRIVER INSTALL
COPY sqljdbc_7.2.2.0_enu.tar.gz /tmp/
WORKDIR /tmp
RUN tar -xf sqljdbc_7.2.2.0_enu.tar.gz
ENV CLASSPATH=${CLASSPATH}:/tmp/sqljdbc_7.2/enu/mssql-jdbc-7.2.2.jre11.jar
ARG CLASSPATH=${CLASSPATH}:/tmp/sqljdbc_7.2/enu/mssql-jdbc-7.2.2.jre11.jar
RUN echo $CLASSPATH

ENV CAMUNDA_VERSION=${VERSION}
ENV DB_DRIVER=com.microsoft.sqlserver.jdbc.SQLServerDriver
ENV DB_URL=jdbc:sqlserver://xx.database.windows.net:1433;database=camundadb;user=demo@xx;password=xx.;encrypt=true;trustServerCertificate=false;hostNameInCertificate=*.database.windows.net;loginTimeout=30;
ENV DB_USERNAME=demo@xx
ENV DB_PASSWORD=xx
ENV DB_CONN_MAXACTIVE=20
ENV DB_CONN_MINIDLE=5
ENV DB_CONN_MAXIDLE=20
ENV DB_VALIDATE_ON_BORROW=false
ENV DB_VALIDATION_QUERY="SELECT 1"
ENV SKIP_DB_CONFIG=
ENV WAIT_FOR=
ENV WAIT_FOR_TIMEOUT=120
ENV TZ=UTC
ENV DEBUG=TRUE
ENV JAVA_OPTS="-Xmx768m -XX:MaxMetaspaceSize=256m"

EXPOSE 8080 8000

RUN  apk update
RUN apk add ca-certificates
RUN  update-ca-certificates

# Downgrading wait-for-it is necessary until this PR is merged
# https://github.com/vishnubob/wait-for-it/pull/68
RUN apk add --no-cache \
        bash \
        ca-certificates \
        openjdk11-jre-headless \
        tzdata \
        tini \
        xmlstarlet \
    && wget -O /usr/local/bin/wait-for-it.sh \
      "https://raw.githubusercontent.com/vishnubob/wait-for-it/a454892f3c2ebbc22bd15e446415b8fcb7c1cfa4/wait-for-it.sh" \
    && chmod +x /usr/local/bin/wait-for-it.sh

RUN addgroup -g 1000 -S camunda && \
    adduser -u 1000 -S camunda -G camunda -h /camunda -s /bin/bash -D camunda
WORKDIR /camunda
USER camunda

#ENTRYPOINT ["/sbin/tini", "--"]
#CMD ["./camunda.sh"]

#COPY --chown=camunda:camunda --from=builder /camunda .

1 个答案:

答案 0 :(得分:1)

在更新Dockerfile之后将其添加到您的ca

RUN apk add openssl