diff options
| author |   Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2017-04-13 13:51:46 +0000 |
|---|---|---|
| committer | Juan Antonio Osorio Robles <jaosorior@redhat.com> | 2017-04-18 11:20:06 +0300 |
| commit | f8f295be3ec1e1bced79aa37845edcbafa90577f (patch) | |
| tree | 21138daf4eed9af336143c853214c6ee2ff56395 /docker | |
| parent | e81ddeb685f494bfcfa592212fe8d44c9cc55862 (diff) | |
Introduce common CAs to be mounted to the containers
When TLS is enabled, the containers need to trust the CAs that the
host trusts.
Change-Id: I0434b0ac10290970857cad3d1a89d00f5b054196
Diffstat (limited to 'docker')
| -rw-r--r-- | docker/services/containers-common.yaml | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/docker/services/containers-common.yaml b/docker/services/containers-common.yaml index a357ceb6..d3561f6b 100644 --- a/docker/services/containers-common.yaml +++ b/docker/services/containers-common.yaml @@ -9,3 +9,8 @@ outputs: value: - /etc/hosts:/etc/hosts:ro - /etc/localtime:/etc/localtime:ro + # OpenSSL trusted CAs + - /etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro + - /etc/pki/tls/certs/ca-bundle.crt:/etc/pki/tls/certs/ca-bundle.crt:ro + - /etc/pki/tls/certs/ca-bundle.trust.crt:/etc/pki/tls/certs/ca-bundle.trust.crt:ro + - /etc/pki/tls/cert.pem:/etc/pki/tls/cert.pem:ro |