replica mode and update trust certs 2

vre-hub · Jun 10, 2024 · ec2be4a · ec2be4a
1 parent 9188034
commit ec2be4a
Showing 1 changed file with 10 additions and 11 deletions.
diff --git a/vre-singleuser-interTwin_dev/Dockerfile b/vre-singleuser-interTwin_dev/Dockerfile
@@ -40,15 +40,15 @@ RUN mkdir -p /etc/vomses \
 # Setup merged CERN CA file on Ubuntu based images.
 # This file is contained in the `CERN-bundle.pem` file downloaded using 
 RUN mkdir /certs \
-    && touch /certs/rucio_ca.pem 
-    # && curl -fsSL 'https://cafiles.cern.ch/cafiles/certificates/CERN%20Root%20Certification%20Authority%202.crt' | openssl x509 -inform DER -out /tmp/cernrootca2.crt \
-    # && curl -fsSL 'https://cafiles.cern.ch/cafiles/certificates/CERN%20Grid%20Certification%20Authority(1).crt' -o /tmp/cerngridca.crt \
-    # && curl -fsSL 'https://cafiles.cern.ch/cafiles/certificates/CERN%20Certification%20Authority.crt' -o /tmp/cernca.crt \
-    # && cat /tmp/cernrootca2.crt >> /certs/rucio_ca.pem \
-    # && cat /tmp/cerngridca.crt >> /certs/rucio_ca.pem \
-    # && cat /tmp/cernca.crt >> /certs/rucio_ca.pem \
-    # && rm /tmp/*.crt \
-    # && update-ca-certificates
+    && touch /certs/rucio_ca.pem \
+    && curl -fsSL 'https://cafiles.cern.ch/cafiles/certificates/CERN%20Root%20Certification%20Authority%202.crt' | openssl x509 -inform DER -out /tmp/cernrootca2.crt \
+    && curl -fsSL 'https://cafiles.cern.ch/cafiles/certificates/CERN%20Grid%20Certification%20Authority(1).crt' -o /tmp/cerngridca.crt \
+    && curl -fsSL 'https://cafiles.cern.ch/cafiles/certificates/CERN%20Certification%20Authority.crt' -o /tmp/cernca.crt \
+    && cat /tmp/cernrootca2.crt >> /certs/rucio_ca.pem \
+    && cat /tmp/cerngridca.crt >> /certs/rucio_ca.pem \
+    && cat /tmp/cernca.crt >> /certs/rucio_ca.pem \
+    && rm /tmp/*.crt \
+    && update-ca-certificates
 
 # Install trust anchors 
 RUN curl https://ca.cern.ch/cafiles/certificates/CERN%20Root%20Certification%20Authority%202.crt -o /etc/pki/ca-trust/source/anchors/1.crt &&\
@@ -59,8 +59,7 @@ RUN curl https://ca.cern.ch/cafiles/certificates/CERN%20Root%20Certification%20A
     tar xf geant-bundle.tar &&\
     cp tcs-server-certificate-ca-bundle/*.pem /etc/pki/ca-trust/source/anchors/ &&\
     rm -rf geant-bundle.tar tcs-server-certificate-ca-bundle &&\
-    update-ca-trust &&\
-    update-ca-certificates
+    update-ca-trust
 
 # Add async ssh script
 ADD asyncssh_config.py /opt/ssh/jupyterhub-singleuser