Export public keys for certs from the VM to the Dockerfile
sixeyed opened this issue · comments
Elton Stoneman commented
Enterprises often have a custom CA that their machines are provisioned to trust, which gets used for any custom certs they make. Thinking something like a new flag /ExportTrustedCertificates which will check the cert store on the VM and copy public keys to the Dockerfile, so the container trusts the enterprise CA.
For each cert to trust in the Docker image, the Dockerfile needs some PowerShell like this:
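# Load the certificate file to trust (replace <file.crt> with the path to the exported certificate)
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 '<file.crt>'
# Open the machine-wide Trusted Root store for writing
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store('Root','LocalMachine')
$store.Open('ReadWrite')
# Add the certificate, then close the store
$store.Add($cert)
$store.Close()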
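
The export side of the idea above, as an added example that is not part of the original issue or the project's code: it reads the source machine's LocalMachine\Root store, writes only the public certificate of each matching CA to a file, and emits Dockerfile lines that repeat the import snippet from the issue. The function name `Export-TrustedRootCert`, the `-SubjectFilter` parameter, the `certs` folder and the `C:/certs` container path are assumptions.

```powershell
# Added example (hypothetical helper, not the project's implementation).
function Export-TrustedRootCert {
    param(
        # Wildcard matched against the certificate subject, e.g. '*Example Corp*' (constructed value).
        [Parameter(Mandatory)] [string]$SubjectFilter,
        # Assumed output folder inside the Docker build context.
        [string]$OutputPath = '.\certs'
    )

    # Resolve to a full path: .NET file APIs ignore the PowerShell working directory.
    $outDir = (New-Item -ItemType Directory -Path $OutputPath -Force).FullName

    # Template for the import step; single quotes keep $c and $s literal in the Dockerfile.
    $run = 'RUN powershell -Command "$c = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 ''C:/certs/{0}''; ' +
           '$s = New-Object System.Security.Cryptography.X509Certificates.X509Store(''Root'',''LocalMachine''); ' +
           '$s.Open(''ReadWrite''); $s.Add($c); $s.Close()"'

    $store = New-Object System.Security.Cryptography.X509Certificates.X509Store('Root', 'LocalMachine')
    $store.Open('ReadOnly')
    try {
        foreach ($cert in $store.Certificates) {
            # Export only the named enterprise CA, not every root the machine trusts.
            if ($cert.Subject -notlike $SubjectFilter) { continue }

            # An expired root would add trust configuration with no benefit; skip it.
            if ($cert.NotAfter -lt (Get-Date)) {
                Write-Warning "Skipping expired certificate $($cert.Thumbprint) ($($cert.Subject))"
                continue
            }

            # X509ContentType 'Cert' is the DER-encoded certificate only; no private key is written.
            $bytes = $cert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert)
            $name  = "$($cert.Thumbprint).cer"
            [System.IO.File]::WriteAllBytes((Join-Path $outDir $name), $bytes)

            # Log what is being trusted so the change can be reviewed.
            Write-Verbose "Exported $($cert.Subject) thumbprint $($cert.Thumbprint)"

            # Dockerfile lines for this certificate (forward slashes avoid Dockerfile escape issues).
            "COPY certs/$name C:/certs/$name"
            $run -f $name
        }
    }
    finally {
        $store.Close()
    }
}
```

Run with `Export-TrustedRootCert -SubjectFilter '*Example Corp*' -Verbose` and review the logged thumbprints before pasting the emitted lines into the Dockerfile.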