The downloader (aka: RemoteDownloadAgent) receives inbound HTTPS connections from the dashboard, encrypting everything with a self-signed certificate.
Here are the steps to install an actual certificate to a RemoteDownloadAgent.
- Java installed in your system
- The Downloader uses a Java Keystore to store the certificate.
1. Follow the steps from this Oracle blog post to create a Java Keystore starting from a certificate chain: https://blogs.oracle.com/jtc/installing-trusted-certificates-into-a-java-keystore. IMPORTANT: the keystore password must be 450311aa
2. Create a derivative image starting from the provided downloader image, which will contain the newly created keystore.
IMPORTANT: the file needs to be called keystore and must be placed in: /opt/remoteDownloadAgent/
For step 2, an example Docker file may look like the following:
COPY keystore /opt/remoteDownloadAgent/keystore