Keystores for Downloader

The downloader (aka: RemoteDownloadAgent) receives inbound HTTPS connections from the dashboard, encrypting everything with a self-signed certificate.

Here are the steps to install an actual certificate to a RemoteDownloadAgent.

Requirements: 

  • Java installed in your system

Facts:

  • The Downloader uses a Java Keystore to store the certificate.

Steps:

1. Follow the steps from this Oracle blog post to create a Java Keystore starting from a certificate chain: https://blogs.oracle.com/jtc/installing-trusted-certificates-into-a-java-keystoreIMPORTANT: the keystore password must be 450311aa

2. Create a derivative image starting from the provided downloader image, which will contain the newly created keystore.
IMPORTANT: the file needs to be called keystore and must be placed in:  /opt/remoteDownloadAgent/

For step 2, an example Docker file may look like the following:

FROM apifortress/remoteDownloadAgent:latest
COPY keystore /opt/remoteDownloadAgent/keystore