If you are configuring the Moderne DX service to connect to a service that requires a self-signed certificate to perform an HTTPS request (e.g., Maven or Artifactory) you will need to:
Supply a KeyStore for the service to use in the PKCS12 format at the following location: ${JAVA_HOME}/lib/security/client_keystore.p12
Configure the service to skipSSL for this service (See the Artifactory or Maven service documentation)
Below are a few examples of creating the KeyStore in some common scenarios:
If you are running the service in an OCI container, you will need to create a new Dockerfile based on the Moderne DX service and supply the image with the KeyStore.
Example:
FROM moderne.azurecr.io/moderne-dev/moderne/moderne-dx:latestUSER rootCOPY s2s-cert.pem ${JAVA_HOME}/lib/security/s2s-cert.pem#Certifcate without keysRUN openssl pkcs12 -export \-in ${JAVA_HOME}/lib/security/s2s-cert.pem \-out ${JAVA_HOME}/lib/security/client_keystore.p12 \-name ssl_cert \-passout pass:changeit \-nokeys
Nothing else needs to happen for the executable JAR flow other than ensuring the KeyStore has been added to the following location: ${JAVA_HOME}/lib/security/client_keystore.p12