Replies: 2 comments
-
|
I think using volume mounts to add files accessible in the container is a better approach. No need to copy files into the container, it will be ephemeral and gone after a restart. Volume mounts can be used for the files to as many instances as you like, across container restarts. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
We have some examples here: For example using volume mounts to add HSM drivers. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi Team,
I’m new to EJBCA and an posting the following question regarding the SCP Publishing functionality release in EJBCA 7.11 (1-12-2023) (https://www.ejbca.org/news/ejbca-community-7-11-is-released).
I’m running EJBCA-CE in Docker according (I can provide the configuration if needed) and am attempting to setup SCP Publishing. When doing so, the documentation (https://doc.primekey.com/ejbca/ejbca-operations/ejbca-ca-concept-guide/publishers-overview/scp-publisher) references providing local paths to the private key and known hosts file, which in this case are inside the docker container.
It sound like this feature request (#247) would address this challenge.
I create the files and copied them to the container, but get the error below when saving and testing the configuration. I can provide the full output is needed. It seems that simply copying the files to the running container is not sufficient (I assume it’s a permission problem). My next thought is creating a docker volume to hold the key and hosts file. If that is advisable, I need some guidance around where in the container the volume should be mounted; as I assume there are permissions and specific locations where these files should be stored.
Greatly appreciate any guidance/advice.
2023-04-17 12:55:15,753+0000 INFO [org.ejbca.scp.publisher.ScpPublisher] (default task-4) Could not access private key. java.io.FileNotFoundException: private_key (No such file or directory)
2023-04-17 12:55:15,753+0000 INFO [org.ejbca.core.ejb.ca.publisher.PublisherSessionBean] (default task-4) Error when testing the connection with publisher SCP.
2023-04-17 12:55:15,755+0000 ERROR [org.ejbca.ui.web.admin.publisher.EditPublisherManagedBean] (default task-4) Error connecting to publisher SCP: org.ejbca.core.model.ca.publisher.PublisherConnectionException: Could not access private key.
at deployment.ejbca.ear.ejbca-ejb.jar//org.ejbca.core.ejb.ca.publisher.PublisherSessionBean.testConnection(PublisherSessionBean.java:530)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
Beta Was this translation helpful? Give feedback.
All reactions