Linux 如何在运行docker容器时引入丢失的证书?
我试着按照上面的说明去做。我的烦恼从docker compose up-d命令开始:Linux 如何在运行docker容器时引入丢失的证书?,linux,docker,certificate,ssl-certificate,Linux,Docker,Certificate,Ssl Certificate,我试着按照上面的说明去做。我的烦恼从docker compose up-d命令开始: ... Status: Downloaded newer image for tiangolo/uwsgi-nginx-flask:python3.6 ---> a16ce562e863 Step 2/3 : RUN pip install redis ---> Running in ffef7d7a575f WARNING: Retrying (Retry(total=4, connect=N
...
Status: Downloaded newer image for tiangolo/uwsgi-nginx-flask:python3.6
---> a16ce562e863
Step 2/3 : RUN pip install redis
---> Running in ffef7d7a575f
WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),)': /simple/redis/
WARNING: Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),)': /simple/redis/
WARNING: Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),)': /simple/redis/
WARNING: Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),)': /simple/redis/
WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),)': /simple/redis/
Could not fetch URL https://pypi.org/simple/redis/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/redis/ (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),)) - skipping
ERROR: Could not find a version that satisfies the requirement redis (from versions: none)
ERROR: No matching distribution found for redis
Could not fetch URL https://pypi.org/simple/pip/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.org', port=443): Max retries exceeded with url: /simple/pip/ (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),)) - skipping
ERROR: Service 'azure-vote-front' failed to build: The command '/bin/sh -c pip install redis' returned a non-zero code: 1
C:\work\azure-voting-app-redis [master ≡]>
mcr.microsoft.com/windows/servercore:ltsc2019FROM tiangolo/uwsgi-nginx-flask:python3.6
RUN pip install redis
ADD /azure-vote /app
docker run --mount 'type=bind,source=c:\work\azure-voting-app-redis\azure-vote\ca-certs,target=/ca-certs' -it tiangolo/uwsgi-nginx-flask:python3.6 bash
ca证书root@8f64c6b3381c:/app# apt-get update -y
Get:1 http://security.debian.org/debian-security buster/updates InRelease [65.4 kB]
Get:2 http://deb.debian.org/debian buster InRelease [122 kB]
Get:3 http://deb.debian.org/debian buster-updates InRelease [51.9 kB]
Get:4 http://security.debian.org/debian-security buster/updates/main amd64 Packages [226 kB]
Get:5 http://deb.debian.org/debian buster/main amd64 Packages [7906 kB]
Get:6 http://deb.debian.org/debian buster-updates/main amd64 Packages [7868 B]
Fetched 8380 kB in 2s (5123 kB/s)
Reading package lists... Done
root@8f64c6b3381c:/app# apt-get install ca-certificates -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
openssl
The following NEW packages will be installed:
ca-certificates openssl
0 upgraded, 2 newly installed, 0 to remove and 48 not upgraded.
Need to get 1002 kB of archives.
After this operation, 1885 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian buster/main amd64 openssl amd64 1.1.1d-0+deb10u3 [844 kB]
Get:2 http://deb.debian.org/debian buster-updates/main amd64 ca-certificates all 20200601~deb10u1 [158 kB]
Fetched 1002 kB in 0s (3682 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package openssl.
(Reading database ... 24611 files and directories currently installed.)
Preparing to unpack .../openssl_1.1.1d-0+deb10u3_amd64.deb ...
Unpacking openssl (1.1.1d-0+deb10u3) ...
Selecting previously unselected package ca-certificates.
Preparing to unpack .../ca-certificates_20200601~deb10u1_all.deb ...
Unpacking ca-certificates (20200601~deb10u1) ...
Setting up openssl (1.1.1d-0+deb10u3) ...
Setting up ca-certificates (20200601~deb10u1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76.)
debconf: falling back to frontend: Readline
Updating certificates in /etc/ssl/certs...
126 added, 0 removed; done.
Processing triggers for ca-certificates (20200601~deb10u1) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
root@8f64c6b3381c:/app#
现在我想知道我是否可以继续处理pem文件?
/etc/ssl/certspemcrt——trusted host pypi.org——trusted host pypi.python.org——trusted host=files.pythonhosted.orgroot@8f64c6b3381c:/app# apt-get update -y
Get:1 http://security.debian.org/debian-security buster/updates InRelease [65.4 kB]
Get:2 http://deb.debian.org/debian buster InRelease [122 kB]
Get:3 http://deb.debian.org/debian buster-updates InRelease [51.9 kB]
Get:4 http://security.debian.org/debian-security buster/updates/main amd64 Packages [226 kB]
Get:5 http://deb.debian.org/debian buster/main amd64 Packages [7906 kB]
Get:6 http://deb.debian.org/debian buster-updates/main amd64 Packages [7868 B]
Fetched 8380 kB in 2s (5123 kB/s)
Reading package lists... Done
root@8f64c6b3381c:/app# apt-get install ca-certificates -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
openssl
The following NEW packages will be installed:
ca-certificates openssl
0 upgraded, 2 newly installed, 0 to remove and 48 not upgraded.
Need to get 1002 kB of archives.
After this operation, 1885 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian buster/main amd64 openssl amd64 1.1.1d-0+deb10u3 [844 kB]
Get:2 http://deb.debian.org/debian buster-updates/main amd64 ca-certificates all 20200601~deb10u1 [158 kB]
Fetched 1002 kB in 0s (3682 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package openssl.
(Reading database ... 24611 files and directories currently installed.)
Preparing to unpack .../openssl_1.1.1d-0+deb10u3_amd64.deb ...
Unpacking openssl (1.1.1d-0+deb10u3) ...
Selecting previously unselected package ca-certificates.
Preparing to unpack .../ca-certificates_20200601~deb10u1_all.deb ...
Unpacking ca-certificates (20200601~deb10u1) ...
Setting up openssl (1.1.1d-0+deb10u3) ...
Setting up ca-certificates (20200601~deb10u1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76.)
debconf: falling back to frontend: Readline
Updating certificates in /etc/ssl/certs...
126 added, 0 removed; done.
Processing triggers for ca-certificates (20200601~deb10u1) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
root@8f64c6b3381c:/app#