unable to add certificates to alpine linux container
I think below worked for me (I was adding a root certificate on blackfire/blackfire image which extends from alpine):
RUN apk update && apk add ca-certificates && rm -rf /var/cache/apk/* \ mkdir /usr/local/share/ca-certificates/extraCOPY .docker/other/cert_Intertrials-CA.crt /usr/local/share/ca-certificates/extraRUN update-ca-certificates
I then logged into that VM and see it has added it to the merged cert file, /etc/ssl/certs/ca-certificates.crt (I believe i heard it takes each cert file from inside /usr/local/share/ca-certificates and merges into the /etc/ssl/certs/ca-certificates.crt file).
Now you will get that 'does not contain exactly one certificate or CRL: skipping' error probably, but i heard that is fine.
https://github.com/gliderlabs/docker-alpine/issues/30 mentions: "that this is just a warning and shouldn't affect anything."
https://github.com/gliderlabs/docker-alpine/issues/52mentions: "The WARNING: ca-certificates.crt does not contain exactly one certificate or CRL: skipping is just what it says it is, a warning. It is saying that ca-certificates.crt doesn't contain only one certificate (because it is the concatenation of all the certificates), therefore it is skipped and not included in ca-certificates.crt (since it cannot include itself)."
"The warning shown is normal."
In my case, I had to execute the update-ca-certificates
before add any package. But it fails if the /etc/ssl/certs/
doesn't exists.
So, I add RUN mkdir -p /etc/ssl/certs/ && update-ca-certificates
on my Dockerfile before the RUN apk add ...
.