5.7.0

docker · Jan 1, 2024 · de457d6 · de457d6
1 parent aa6810d
commit de457d6
Showing 2 changed files with 28 additions and 8 deletions.
diff --git a/container_files/usr-local-bin/libraryPrep.sh b/container_files/usr-local-bin/libraryPrep.sh
@@ -197,9 +197,9 @@ prep_finishBegin() {
       export GROUPER_USE_SSL=true
     fi
     if [ "$GROUPER_USE_SSL" = "true" ]; then
-      if [ -z "$GROUPER_SELF_SIGNED_CERT" ] && [ -z "$GROUPER_SSL_CERT_FILE" ] && [ ! -f /opt/grouper/certs/client/localhost.pem ] ; then 
+      if [ -z "$GROUPER_SELF_SIGNED_CERT" ] && [ -z "$GROUPER_SSL_CERT_FILE" ]  && [ ! -f /etc/pki/tls/certs/host-cert.pem ] ; then 
 
-        echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) GROUPER_SELF_SIGNED_CERT and GROUPER_SSL_CERT_FILE are not specified and /opt/grouper/certs/client/localhost.pem does not exist, so: export GROUPER_SELF_SIGNED_CERT=true"
+        echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) GROUPER_SELF_SIGNED_CERT and GROUPER_SSL_CERT_FILE are not specified and /etc/pki/tls/certs/host-cert.pem does not exist, so: export GROUPER_SELF_SIGNED_CERT=true"
         export GROUPER_SELF_SIGNED_CERT=true
 
       fi
@@ -220,6 +220,31 @@ prep_finishBegin() {
         fi
 
       fi
+      # default the cert path
+      if [ -z "$GROUPER_SSL_CERT_FILE" ] && [ -f /etc/pki/tls/certs/host-cert.pem ] ; then 
+        echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_SSL_CERT_FILE=/etc/pki/tls/certs/host-cert.pem"
+        export GROUPER_SSL_CERT_FILE=/etc/pki/tls/certs/host-cert.pem
+      fi
+      if [ -z "$GROUPER_SSL_KEY_FILE" ] && [ -f /etc/pki/tls/private/host-key.pem ] ; then 
+        echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_SSL_KEY_FILE=/etc/pki/tls/private/host-key.pem"
+        export GROUPER_SSL_KEY_FILE=/etc/pki/tls/private/host-key.pem
+      fi
+      if [ -z "$GROUPER_SSL_CHAIN_FILE" ] ; then 
+
+        if [ -f /etc/pki/tls/certs/cachain.pem ]; then
+
+          echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_SSL_USE_CHAIN_FILE=true"
+          export GROUPER_SSL_USE_CHAIN_FILE=true
+          echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_SSL_CHAIN_FILE=/etc/pki/tls/certs/cachain.pem"
+          export GROUPER_SSL_CHAIN_FILE=/etc/pki/tls/certs/cachain.pem
+        else 
+
+          echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_SSL_USE_CHAIN_FILE=false"
+          export GROUPER_SSL_USE_CHAIN_FILE=false
+
+        fi
+      fi
+
       if [ -z "$GROUPER_SSL_USE_CHAIN_FILE" ] ; then 
 
         if [ -z "$GROUPER_SSL_CHAIN_FILE" ]; then
@@ -312,11 +337,6 @@ prep_finishBegin() {
       export GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY=/opt/grouper/logs
     fi
 
-    if [ -z "$GROUPER_GSH_JVMARGS" ] ; then 
-      echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_GSH_JVMARGS=\"-Djavax.net.ssl.trustStore=/etc/pki/java/cacerts\""
-      export GROUPER_GSH_JVMARGS="-Djavax.net.ssl.trustStore=/etc/pki/java/cacerts"
-    fi
-
     #Replace web.xml session timeout with env variable
     if [[ -z "$GROUPER_TOMCAT_SESSION_TIMEOUT_MINUTES" ]]; then
       if [[ "$GROUPER_UI" != 'true' ]] && [[ "$GROUPER_WS" = 'true' ]]; then

diff --git a/run3.sh b/run3.sh
@@ -8,7 +8,7 @@ docker run -d -p 8080:8080 -p 8443:8443 \
 -e GROUPER_START_DELAY_SECONDS=10 -e GROUPER_UI_GROUPER_AUTH=true \
 -e GROUPER_WS_GROUPER_AUTH=true -e GROUPER_SCIM_GROUPER_AUTH=true \
 -e GROUPER_QUICKSTART=true -e GROUPER_RUN_TOMCAT=true \
--e GROUPER_UI=false -e GROUPER_WS=true \
+-e GROUPER_UI=true -e GROUPER_WS=false \
 -e GROUPER_LOG_TO_HOST=true -e GROUPER_TOMCAT_LOG_ACCESS=true \
 -e GROUPER_DATABASE_PASSWORD=pass -e GROUPER_DATABASE_USERNAME=postgres \
 -e GROUPERSYSTEM_QUICKSTART_PASS=pass -e GROUPER_MORPHSTRING_ENCRYPT_KEY=abc123 \