diff --git a/container_files/usr-local-bin/libraryPrep.sh b/container_files/usr-local-bin/libraryPrep.sh
index 81c966d..eb8f145 100644
--- a/container_files/usr-local-bin/libraryPrep.sh
+++ b/container_files/usr-local-bin/libraryPrep.sh
@@ -197,9 +197,9 @@ prep_finishBegin() {
 export GROUPER_USE_SSL=true
 fi
 if [ "$GROUPER_USE_SSL" = "true" ]; then
- if [ -z "$GROUPER_SELF_SIGNED_CERT" ] && [ -z "$GROUPER_SSL_CERT_FILE" ] && [ ! -f /opt/grouper/certs/client/localhost.pem ] ; then
+ if [ -z "$GROUPER_SELF_SIGNED_CERT" ] && [ -z "$GROUPER_SSL_CERT_FILE" ] && [ ! -f /etc/pki/tls/certs/host-cert.pem ] ; then
- echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) GROUPER_SELF_SIGNED_CERT and GROUPER_SSL_CERT_FILE are not specified and /opt/grouper/certs/client/localhost.pem does not exist, so: export GROUPER_SELF_SIGNED_CERT=true"
+ echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) GROUPER_SELF_SIGNED_CERT and GROUPER_SSL_CERT_FILE are not specified and /etc/pki/tls/certs/host-cert.pem does not exist, so: export GROUPER_SELF_SIGNED_CERT=true"
 export GROUPER_SELF_SIGNED_CERT=true
 fi
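Review bot: The self-signed fallback in this condition is still decided by the certificate file alone, so a container that has `/etc/pki/tls/certs/host-cert.pem` but no `/etc/pki/tls/private/host-key.pem` skips the fallback, and the defaulting added in the `@@ -220,6 +220,31 @@` hunk then leaves `GROUPER_SSL_KEY_FILE` unset. Test the pair together, for example by replacing the file test with `{ [ ! -f /etc/pki/tls/certs/host-cert.pem ] || [ ! -f /etc/pki/tls/private/host-key.pem ]; }`, or stop with an ERROR line when only one of the two files is present. Deployments that still mount a certificate at the old `/opt/grouper/certs/client/localhost.pem` path will presumably now get `GROUPER_SELF_SIGNED_CERT=true` with only an INFO line, so the message deserves WARN and a mention of the path change. prep_finishBegin begins and ends outside the hunk.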
@@ -220,6 +220,31 @@ prep_finishBegin() {
 fi
 fi
+ # default the cert path
+ if [ -z "$GROUPER_SSL_CERT_FILE" ] && [ -f /etc/pki/tls/certs/host-cert.pem ] ; then
+ echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_SSL_CERT_FILE=/etc/pki/tls/certs/host-cert.pem"
+ export GROUPER_SSL_CERT_FILE=/etc/pki/tls/certs/host-cert.pem
+ fi
+ if [ -z "$GROUPER_SSL_KEY_FILE" ] && [ -f /etc/pki/tls/private/host-key.pem ] ; then
+ echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_SSL_KEY_FILE=/etc/pki/tls/private/host-key.pem"
+ export GROUPER_SSL_KEY_FILE=/etc/pki/tls/private/host-key.pem
+ fi
+ if [ -z "$GROUPER_SSL_CHAIN_FILE" ] ; then
+
+ if [ -f /etc/pki/tls/certs/cachain.pem ]; then
+
+ echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_SSL_USE_CHAIN_FILE=true"
+ export GROUPER_SSL_USE_CHAIN_FILE=true
+ echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_SSL_CHAIN_FILE=/etc/pki/tls/certs/cachain.pem"
+ export GROUPER_SSL_CHAIN_FILE=/etc/pki/tls/certs/cachain.pem
+ else
+
+ echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_SSL_USE_CHAIN_FILE=false"
+ export GROUPER_SSL_USE_CHAIN_FILE=false
+
+ fi
+ fi
+ if [ -z "$GROUPER_SSL_USE_CHAIN_FILE" ] ; then
 if [ -z "$GROUPER_SSL_CHAIN_FILE" ]; then
@@ -312,11 +337,6 @@ prep_finishBegin() {
 export GROUPER_TOMCAT_LOG_ACCESS_DIRECTORY=/opt/grouper/logs
 fi
- if [ -z "$GROUPER_GSH_JVMARGS" ] ; then
- echo "grouperContainer; INFO: (libraryPrep.sh-prep_finishBegin) export GROUPER_GSH_JVMARGS=\"-Djavax.net.ssl.trustStore=/etc/pki/java/cacerts\""
- export GROUPER_GSH_JVMARGS="-Djavax.net.ssl.trustStore=/etc/pki/java/cacerts"
- fi
- #Replace web.xml session timeout with env variable
 if [[ -z "$GROUPER_TOMCAT_SESSION_TIMEOUT_MINUTES" ]]; then
 if [[ "$GROUPER_UI" != 'true' ]] && [[ "$GROUPER_WS" = 'true' ]]; then
diff --git a/run3.sh b/run3.sh
index 18a2a33..c48a2dd 100755
--- a/run3.sh
+++ b/run3.sh
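Review bot: In the `@@ -220,6 +220,31 @@` hunk of libraryPrep.sh, the new chain block assigns `GROUPER_SSL_USE_CHAIN_FILE` whenever `GROUPER_SSL_CHAIN_FILE` is empty, so an explicit `GROUPER_SSL_USE_CHAIN_FILE=false` from the operator is overwritten to `true` as soon as `/etc/pki/tls/certs/cachain.pem` exists. It also means the empty-chain branch of the `if [ -z "$GROUPER_SSL_USE_CHAIN_FILE" ]` check that follows can no longer be reached. Changing the outer test to `if [ -z "$GROUPER_SSL_CHAIN_FILE" ] && [ "$GROUPER_SSL_USE_CHAIN_FILE" != "false" ] ; then` keeps the operator's opt-out. The three `-f` tests only show that the files exist; `-r` would also catch a key or chain the runtime user cannot read, which is worth confirming against how the container drops privileges. prep_finishBegin begins and ends outside the hunk.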
@@ -8,7 +8,7 @@ docker run -d -p 8080:8080 -p 8443:8443 \
 -e GROUPER_START_DELAY_SECONDS=10 -e GROUPER_UI_GROUPER_AUTH=true \
 -e GROUPER_WS_GROUPER_AUTH=true -e GROUPER_SCIM_GROUPER_AUTH=true \
 -e GROUPER_QUICKSTART=true -e GROUPER_RUN_TOMCAT=true \
--e GROUPER_UI=false -e GROUPER_WS=true \
+-e GROUPER_UI=true -e GROUPER_WS=false \
 -e GROUPER_LOG_TO_HOST=true -e GROUPER_TOMCAT_LOG_ACCESS=true \
 -e GROUPER_DATABASE_PASSWORD=pass -e GROUPER_DATABASE_USERNAME=postgres \
 -e GROUPERSYSTEM_QUICKSTART_PASS=pass -e GROUPER_MORPHSTRING_ENCRYPT_KEY=abc123 \
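Review bot: Turning on `GROUPER_UI=true` in this launcher puts the interactive UI behind the ports that the `docker run` line publishes as `-p 8080:8080 -p 8443:8443`, which Docker binds to every host interface by default, while the same command still sets `GROUPERSYSTEM_QUICKSTART_PASS=pass` (presumably the GrouperSystem login). If run3.sh is only a local test launcher, bind the published ports to loopback with `-p 127.0.0.1:8080:8080 -p 127.0.0.1:8443:8443` and add a comment above `docker run` stating that the credentials are throwaway test values. The `docker run` line itself sits above the hunk, and the command continues past the hunk's last line.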