From 2336b2a490d10cd7c16f4f401658f4650c870007 Mon Sep 17 00:00:00 2001
From: mchyzer <mchyzer@isc.upenn.edu>
Date: Tue, 27 Feb 2024 12:25:02 -0500
Subject: [PATCH] 4.11.0

---
 Dockerfile                                    |  4 ++--
 .../containerDockerfileInstall.sh             | 21 ++++++++++++++++---
 2 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 1a9a1b9..8760de7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,8 +8,8 @@ LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" \
 
 ARG GROUPER_CONTAINER_VERSION
 
-ENV GROUPER_VERSION=4.10.4 \
-    GROUPER_CONTAINER_VERSION=4.10.4 \
+ENV GROUPER_VERSION=4.11.0 \
+    GROUPER_CONTAINER_VERSION=4.11.0 \
     JAVA_HOME=/usr/lib/jvm/java-17-amazon-corretto \
     PATH=$PATH:$JAVA_HOME/bin \
     GROUPER_HOME=/opt/grouper/grouperWebapp/WEB-INF
diff --git a/container_files/docker-build-bin/containerDockerfileInstall.sh b/container_files/docker-build-bin/containerDockerfileInstall.sh
index cb8edbb..33a4fbf 100644
--- a/container_files/docker-build-bin/containerDockerfileInstall.sh
+++ b/container_files/docker-build-bin/containerDockerfileInstall.sh
@@ -180,10 +180,25 @@ returnCode=$?
 echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) mkdir -p /opt/grouper/certs/anchors, result: $returnCode"
 if [ $returnCode != 0 ]; then exit $returnCode; fi
 
-mv /opt/container_files/certs/* /opt/grouper/certs/
+#mv /opt/container_files/certs/* /opt/grouper/certs/
+#returnCode=$?
+#echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) mv /opt/container_files/certs/* /opt/grouper/certs/, result: $returnCode"
+#if [ $returnCode != 0 ]; then exit $returnCode; fi
+
+chmod u+w $JAVA_HOME/lib/security/cacerts
 returnCode=$?
-echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) mv /opt/container_files/certs/* /opt/grouper/certs/, result: $returnCode"
-if [ $returnCode != 0 ]; then exit $returnCode; fi
+echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) chmod u+w $JAVA_HOME/lib/security/cacerts , result=$returnCode"
+if [ $returnCode != 0 ]; then exit $returnCode; fi  
+  
+/usr/lib/jvm/java/bin/keytool -import -noprompt -cacerts -storepass changeit -alias "localhost" -file "/opt/container_files/certs/localhost.pem"
+returnCode=$?
+echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) /usr/lib/jvm/java/bin/keytool -import -noprompt -cacerts -storepass changeit -alias \"localhost\" -file \"/opt/container_files/certs/localhost.pem\" , result=$returnCode"
+if [ $returnCode != 0 ]; then exit $returnCode; fi  
+        
+chmod u-w $JAVA_HOME/lib/security/cacerts
+returnCode=$?
+echo "grouperDockerfile; INFO: (containerDockerfileInstall.sh) chmod u-w $JAVA_HOME/lib/security/cacerts , result=$returnCode"
+if [ $returnCode != 0 ]; then exit $returnCode; fi  
 
 echo 'umask 002' >> /home/tomcat/.bashrc
 returnCode=$?