GR8B8
GR8B8
PostsComments
CCoder.com
Created by GR8B8 on 3/20/2025 in #help
Setting up CA certificate for the container
Hey there! I'm hosting Coder on a Redhat VM that is already configured with it's certificate from our CA. However, I'm having a hard time trying to set it up on the container. After starting the workspace if I check the docker logs of the container I get 
curl -fsSL --compressed https://coder.ourdomain.com/bin/coder-linux-amd64 -o coder
curl: (60) SSL certificate problem: unable to get local issuer certificate
curl -fsSL --compressed https://coder.ourdomain.com/bin/coder-linux-amd64 -o coder
curl: (60) SSL certificate problem: unable to get local issuer certificate
I'm using the Docker Containers starter template and added the upload block on the docker_container resource to upload the certificate from the Coder machine to the container. 
upload {
  file   = "/usr/local/share/ca-certificates/cert.crt"
  source = "/srv/certificate.pem
}
upload {
  file   = "/usr/local/share/ca-certificates/cert.crt"
  source = "/srv/certificate.pem
}
This part is working fine, however it does not update the certificates automatically, leading to the error above. To fix this, on the Coder host I have to docker exec -it <container_id> bash and then run the sudo update-ca-certificates (without sudo fails). I tryed adding this entrypoint = ["sh", "-c", replace(...), "&&", "sudo update-ca-certificates"] to the entrypoint parameter of the docker_containers resource but it did not work. Is it possible to configure like this? Thanks in advance!
18 replies