Fatal编程技术网
  • docker/
  • Docker 如何添加Let';s使用asadmin引导脚本将密钥/证书加密到Payara Micro

Docker 如何添加Let';s使用asadmin引导脚本将密钥/证书加密到Payara Micro

docker

Docker 如何添加Let';s使用asadmin引导脚本将密钥/证书加密到Payara Micro,docker,payara,payara-micro,Docker,Payara,Payara Micro,我使用certbot独立服务器成功地为我的集合生成了一个Let's Encrypt证书,但现在我想将这些证书移动到payara微型容器中进行生产。Payara Micro允许我将asadmin命令放入它拾取并运行的前/后脚本中 首先,这里是用于创建容器的docker命令: docker run -p 8765:8090 \ --mount type=bind,src=$(pwd)/deployments,dst=/opt/payara/deployments \

我使用certbot独立服务器成功地为我的集合生成了一个Let's Encrypt证书,但现在我想将这些证书移动到payara微型容器中进行生产。Payara Micro允许我将asadmin命令放入它拾取并运行的前/后脚本中

首先,这里是用于创建容器的docker命令:

docker run -p 8765:8090 \
           --mount type=bind,src=$(pwd)/deployments,dst=/opt/payara/deployments \
           --mount type=bind,src=$(pwd)/lib,dst=/opt/payara/lib \
           --mount type=bind,src=$(pwd)/cert,dst=/opt/payara/cert \
           --mount type=bind,src=$(pwd)/scripts,dst=/opt/payara/scripts \
           --env-file payara.env \
           --restart=always \
           payara/micro:5.191 \
           --prebootcommandfile /opt/payara/scripts/preboot.asadmin \
           --addlibs /opt/payara/lib \
           --deploy /opt/payara/deployments/MyApp.war \
           --sslport 8090 \
           --sslcert le_myapp \
           --contextroot ROOT

preboot.asadmin
脚本有一行:

add-pkcs8 --domain_name production --destalias "le_myapp" --priv-key-path /opt/payara/cert/privkey.pem --cert-chain-path /etc/letsencrypt/opt/payara/cert/fullchain.pem
当然,注册证书失败,并且日志没有提供任何关于失败原因的有用信息:

[2019-05-29T16:41:48.329+0000] [] [WARNING] [] [fish.payara.boot.runtime.BootCommand] [tid: _ThreadID=1 _ThreadName=main] [timeMillis: 1559148108329] [levelValue: 900] Boot Command add-pkcs8 failed Exception while executing command. 

[2019-05-29T16:41:48.999+0000] [] [INFO] [] [fish.payara.boot.runtime.BootCommand] [tid: _ThreadID=1 _ThreadName=main] [timeMillis: 1559148108999] [levelValue: 800] [[
  Boot Command set returned with result SUCCESS : PlainTextActionReporterSUCCESSDescription: set AdminCommandnull
    configs.config.server-config.network-config.network-listeners.network-listener.https-listener.port=8090
]]

[2019-05-29T16:41:49.042+0000] [] [INFO] [] [fish.payara.boot.runtime.BootCommand] [tid: _ThreadID=1 _ThreadName=main] [timeMillis: 1559148109042] [levelValue: 800] [[
  Boot Command set returned with result SUCCESS : PlainTextActionReporterSUCCESSDescription: set AdminCommandnull
    configs.config.server-config.network-config.network-listeners.network-listener.https-listener.enabled=true
]]

[2019-05-29T16:41:49.114+0000] [] [INFO] [] [fish.payara.boot.runtime.BootCommand] [tid: _ThreadID=1 _ThreadName=main] [timeMillis: 1559148109114] [levelValue: 800] [[
  Boot Command set returned with result SUCCESS : PlainTextActionReporterSUCCESSDescription: set AdminCommandnull
    configs.config.server-config.network-config.protocols.protocol.https-listener.ssl.cert-nickname=le_myapp
]]
更新1:

我向提交了一个问题,因为我认为这是微版本上的命令问题。如果这个问题有更新,我会在这里发布更新

更新2:

正如github问题所建议的,我从命令中删除了
--domain\u name production
。我甚至尝试了非micro
payara/server web:5.192
。两者都不起作用。在本机安装上应用相同的asadmin命令效果很好