Trust Certificates Pre-work

Your Software Risk Manager instance can trust self-signed certificates or certificates issued by certificate authorities that are not trusted by default. Obtain a copy of the cacerts file from a Java 11 distribution, which will include the keytool program that you will need to run the following command:

keytool -import -trustcacerts -keystore ./cacerts -file /path/to/cert -alias cert-name

Note: The default password for a Java cacerts file is changeit.

You can mount your cacerts file by adding a line to the volumes list in the codedx-tomcat section:

    codedx-tomcat:
        ...
        volumes:
            - codedx-appdata:/opt/codedx
            - /path/to/cacerts:/opt/java/openjdk/lib/security/cacerts
        ...

Note: Append :Z to the extra volume mount when using selinux.