docker-magento: setup-ssl fails on Linux

When trying to run the setup-ssl command on Linux it fails for the sudo security add-trusted-cert command as there’s no security binary which could be called. I’d assume that’s a Mac-only solution.

About this issue

Original URL
State: closed
Created 4 years ago
Comments: 19 (9 by maintainers)

Most upvoted comments

I’ve been a bit shutdown since March, thanks for being patient.

I modified bin/setup-ssl-ca with the following contents:

#!/bin/bash
docker-compose exec -T -u root app mkcert -install
docker cp $(docker-compose ps -q app|awk '{print $1}'):/root/.local/share/mkcert/rootCA.pem .
echo "System password requested to install certificate authority on host..."

if [ "$(uname)" == "Darwin" ]; then
  sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain rootCA.pem
  rm rootCA.pem
else
  sudo mv rootCA.pem /usr/local/share/ca-certificates/rootCA.pem
  sudo update-ca-certificates
fi

This seems like the least-invasive solution. Let’s see if it works. I hate adding host dependencies.

This new version will be in the 33.0.0 tag going out later today. Please reopen/comment on this ticket if it isn’t working.

markshust on Jul 30, 2020

Perhaps we should move mkcert out of the container, and onto the host? I’ve been trying to avoid adding any dependencies on the host machine, however mkcert seems to take care of all of this for us automatically, so it may be worth the switch:

https://github.com/FiloSottile/mkcert#installation

markshust on Mar 21, 2020

Can someone verify this line also works on Ubuntu?

sudo trust anchor --store rootCA.cert

I can update the bin/setup-ssl-ca script to detect mac/linux and run the appropriate line.

markshust on Mar 5, 2020