0

I have a postgresql database that requires a promise to go with it over ssl. When running locally, the certificate is on my PC in the roaming/postgresq/root folder and the application is successfully launched. But for deployment, you need to pack everything into a docker container, which does not have a certificate inside it, respectively, the application does not start in the container anymore. Where can I put the certificate or which team should I pack it with the project?

I tried to create a path inside the project where postgresql is looking for a certificate, but nothing worked two one

Dmitriy Kandalov
  • 21
  • 3
  • I think you should explore on how to copy a file into a docker container https://stackoverflow.com/questions/22907231/how-to-copy-files-from-host-to-docker-container – Pavel Jan 03 '23 at 13:13
  • You can [mount the certificate file or folder into the container at runtime](https://docs.docker.com/storage/bind-mounts/), that way the host can have the file and the container doesn't need to contain anything secret. – Joachim Isaksson Jan 03 '23 at 13:21
  • I put the file in the container manually but nothing has changed – Dmitriy Kandalov Jan 03 '23 at 18:36

1 Answers1

0

If the certificate that you are trying to access is a non secret (say public key) you can copy the cert to docker image using COPY in Dockerfile

I assume that's not the case, if so you have couple of options

  1. Base64 encode your cert and include that encoded text as the commandline argument when you start your postgres container. Have a wrapper script to your entry point and as the first step in the script, read the argument, base64 decode it and store it in local file system.

  2. As @joachim suggested, mount the cert from the host machine

Personally I would go with first approach

so-random-dude
  • 15,277
  • 10
  • 68
  • 113