docker container ssl certificates
Mount the certs onto the Docker container using
docker run -v /host/path/to/certs:/container/path/to/certs -d IMAGE_ID "update-ca-certificates"
I am trying to do something similar to this. As commented above, I think you would want to build a new image with a custom Dockerfile (using the image you pulled as a base image),
ADD your certificate, then
RUN update-ca-certificates. This way you will have a consistent state each time you start a container from this new image.
# Dockerfile FROM some-base-image:0.1 ADD you_certificate.crt:/container/cert/path RUN update-ca-certificates
Let's say a
docker build against that Dockerfile produced IMAGE_ID. On the next
docker run -d [any other options] IMAGE_ID, the container started by that command will have your certificate info. Simple and reproducible.
As was suggested in a comment above, if the certificate store on the host is compatible with the guest, you can just mount it directly.
On a Debian host (and container), I've successfully done:
docker run -v /etc/ssl/certs:/etc/ssl/certs:ro ...