diff --git a/11/jdk/alpine/entrypoint.sh b/11/jdk/alpine/entrypoint.sh index 0b9e36a0c..b91211f5d 100755 --- a/11/jdk/alpine/entrypoint.sh +++ b/11/jdk/alpine/entrypoint.sh @@ -20,7 +20,8 @@ if [ -n "$USE_SYSTEM_CA_CERTS" ]; then CACERT="$JAVA_HOME/jre/lib/security/cacerts" fi - # Update CA certificates and extract the trust store + # OpenJDK images used to create a hook for `update-ca-certificates`. Since we are using an entrypoint anyway, we + # might as well just generate the truststore and skip the hooks. update-ca-certificates trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$CACERT" diff --git a/11/jre/alpine/entrypoint.sh b/11/jre/alpine/entrypoint.sh index 0b9e36a0c..b91211f5d 100755 --- a/11/jre/alpine/entrypoint.sh +++ b/11/jre/alpine/entrypoint.sh @@ -20,7 +20,8 @@ if [ -n "$USE_SYSTEM_CA_CERTS" ]; then CACERT="$JAVA_HOME/jre/lib/security/cacerts" fi - # Update CA certificates and extract the trust store + # OpenJDK images used to create a hook for `update-ca-certificates`. Since we are using an entrypoint anyway, we + # might as well just generate the truststore and skip the hooks. update-ca-certificates trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$CACERT" diff --git a/17/jdk/alpine/entrypoint.sh b/17/jdk/alpine/entrypoint.sh index 0b9e36a0c..b91211f5d 100755 --- a/17/jdk/alpine/entrypoint.sh +++ b/17/jdk/alpine/entrypoint.sh @@ -20,7 +20,8 @@ if [ -n "$USE_SYSTEM_CA_CERTS" ]; then CACERT="$JAVA_HOME/jre/lib/security/cacerts" fi - # Update CA certificates and extract the trust store + # OpenJDK images used to create a hook for `update-ca-certificates`. Since we are using an entrypoint anyway, we + # might as well just generate the truststore and skip the hooks. update-ca-certificates trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$CACERT" diff --git a/17/jre/alpine/entrypoint.sh b/17/jre/alpine/entrypoint.sh index 0b9e36a0c..b91211f5d 100755 --- a/17/jre/alpine/entrypoint.sh +++ b/17/jre/alpine/entrypoint.sh @@ -20,7 +20,8 @@ if [ -n "$USE_SYSTEM_CA_CERTS" ]; then CACERT="$JAVA_HOME/jre/lib/security/cacerts" fi - # Update CA certificates and extract the trust store + # OpenJDK images used to create a hook for `update-ca-certificates`. Since we are using an entrypoint anyway, we + # might as well just generate the truststore and skip the hooks. update-ca-certificates trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$CACERT" diff --git a/21/jdk/alpine/entrypoint.sh b/21/jdk/alpine/entrypoint.sh index 0b9e36a0c..b91211f5d 100755 --- a/21/jdk/alpine/entrypoint.sh +++ b/21/jdk/alpine/entrypoint.sh @@ -20,7 +20,8 @@ if [ -n "$USE_SYSTEM_CA_CERTS" ]; then CACERT="$JAVA_HOME/jre/lib/security/cacerts" fi - # Update CA certificates and extract the trust store + # OpenJDK images used to create a hook for `update-ca-certificates`. Since we are using an entrypoint anyway, we + # might as well just generate the truststore and skip the hooks. update-ca-certificates trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$CACERT" diff --git a/21/jre/alpine/entrypoint.sh b/21/jre/alpine/entrypoint.sh index 0b9e36a0c..b91211f5d 100755 --- a/21/jre/alpine/entrypoint.sh +++ b/21/jre/alpine/entrypoint.sh @@ -20,7 +20,8 @@ if [ -n "$USE_SYSTEM_CA_CERTS" ]; then CACERT="$JAVA_HOME/jre/lib/security/cacerts" fi - # Update CA certificates and extract the trust store + # OpenJDK images used to create a hook for `update-ca-certificates`. Since we are using an entrypoint anyway, we + # might as well just generate the truststore and skip the hooks. update-ca-certificates trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$CACERT" diff --git a/8/jdk/alpine/entrypoint.sh b/8/jdk/alpine/entrypoint.sh index 0b9e36a0c..b91211f5d 100755 --- a/8/jdk/alpine/entrypoint.sh +++ b/8/jdk/alpine/entrypoint.sh @@ -20,7 +20,8 @@ if [ -n "$USE_SYSTEM_CA_CERTS" ]; then CACERT="$JAVA_HOME/jre/lib/security/cacerts" fi - # Update CA certificates and extract the trust store + # OpenJDK images used to create a hook for `update-ca-certificates`. Since we are using an entrypoint anyway, we + # might as well just generate the truststore and skip the hooks. update-ca-certificates trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$CACERT" diff --git a/8/jre/alpine/entrypoint.sh b/8/jre/alpine/entrypoint.sh index 0b9e36a0c..b91211f5d 100755 --- a/8/jre/alpine/entrypoint.sh +++ b/8/jre/alpine/entrypoint.sh @@ -20,7 +20,8 @@ if [ -n "$USE_SYSTEM_CA_CERTS" ]; then CACERT="$JAVA_HOME/jre/lib/security/cacerts" fi - # Update CA certificates and extract the trust store + # OpenJDK images used to create a hook for `update-ca-certificates`. Since we are using an entrypoint anyway, we + # might as well just generate the truststore and skip the hooks. update-ca-certificates trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$CACERT" diff --git a/docker_templates/scripts/entrypoint.alpine-linux.sh b/docker_templates/scripts/entrypoint.alpine-linux.sh index 0b9e36a0c..b91211f5d 100755 --- a/docker_templates/scripts/entrypoint.alpine-linux.sh +++ b/docker_templates/scripts/entrypoint.alpine-linux.sh @@ -20,7 +20,8 @@ if [ -n "$USE_SYSTEM_CA_CERTS" ]; then CACERT="$JAVA_HOME/jre/lib/security/cacerts" fi - # Update CA certificates and extract the trust store + # OpenJDK images used to create a hook for `update-ca-certificates`. Since we are using an entrypoint anyway, we + # might as well just generate the truststore and skip the hooks. update-ca-certificates trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose=server-auth "$CACERT"