[bitnami/ejbca] Release 7.10.0-2-debian-11-r9 (#14732)

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
2022-11-24 08:16:48 +01:00 · 2022-11-24 08:16:48 +01:00 · 3fe55a66a5
parent d4f8372ff9
commit 3fe55a66a5
4 changed files with 23 additions and 34 deletions
--- a/bitnami/ejbca/7/debian-11/Dockerfile
+++ b/bitnami/ejbca/7/debian-11/Dockerfile
@ -5,7 +5,7 @@ ARG TARGETARCH

 LABEL org.opencontainers.image.authors="https://bitnami.com/contact" \
      org.opencontainers.image.description="Application packaged by Bitnami" \
-      org.opencontainers.image.ref.name="7.10.0-2-debian-11-r8" \
+      org.opencontainers.image.ref.name="7.10.0-2-debian-11-r9" \
      org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/ejbca" \
      org.opencontainers.image.title="ejbca" \
      org.opencontainers.image.vendor="VMware, Inc." \
@ -22,11 +22,11 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 RUN install_packages acl ca-certificates curl libaio1 libaudit1 libcap-ng0 libgcc-s1 libicu67 liblzma5 libncurses6 libpam0g libssl1.1 libstdc++6 libtinfo6 libxml2 procps zlib1g
 RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
    COMPONENTS=( \
-      "java-11.0.17-7-1-linux-${OS_ARCH}-debian-11" \
-      "wildfly-26.1.2-2-linux-${OS_ARCH}-debian-11" \
-      "mysql-client-10.6.11-0-linux-${OS_ARCH}-debian-11" \
-      "gosu-1.14.0-155-linux-${OS_ARCH}-debian-11" \
-      "ejbca-7.10.0-2-0-linux-${OS_ARCH}-debian-11" \
+      "java-11.0.17-7-2-linux-${OS_ARCH}-debian-11" \
+      "wildfly-26.1.2-3-linux-${OS_ARCH}-debian-11" \
+      "mysql-client-10.6.11-1-linux-${OS_ARCH}-debian-11" \
+      "gosu-1.14.0-156-linux-${OS_ARCH}-debian-11" \
+      "ejbca-7.10.0-2-1-linux-${OS_ARCH}-debian-11" \
    ) && \
    for COMPONENT in "${COMPONENTS[@]}"; do \
      if [ ! -f "${COMPONENT}.tar.gz" ]; then \
--- a/bitnami/ejbca/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
+++ b/bitnami/ejbca/7/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
@ -1,37 +1,37 @@
 {
    "ejbca": {
        "arch": "amd64",
-        "digest": "872e419159f20cc85c82593f17e7c471c034528d2af29189b2cd4828a56a8b61",
+        "digest": "10052f5eb79bce8694f48257d4902ce9f7e267a2e7c8dbf6fe9860ecc7d3c346",
        "distro": "debian-11",
        "type": "NAMI",
-        "version": "7.10.0-2-0"
+        "version": "7.10.0-2-1"
    },
    "gosu": {
        "arch": "amd64",
-        "digest": "f21869b27c26b9c3053bce8b419a0fdf1dc45fcf13a7c2058e0afb6996d3687f",
+        "digest": "7969f4cc8ad0a260f891cccf5694686a513f4706b48771d605645be1f3f072e2",
        "distro": "debian-11",
        "type": "NAMI",
-        "version": "1.14.0-155"
+        "version": "1.14.0-156"
    },
    "java": {
        "arch": "amd64",
-        "digest": "972009952c7ab083836ce1943c7768daac74ec3cbea63eb5994b38e7c9794b75",
+        "digest": "e2e6c8abc916f52a57d4af507b87da59ac3ae5cc0b1e8ea0f12756ebc90be8f5",
        "distro": "debian-11",
        "type": "NAMI",
-        "version": "11.0.17-7-1"
+        "version": "11.0.17-7-2"
    },
    "mysql-client": {
        "arch": "amd64",
-        "digest": "c4bdede83fe1cef62481e4ff88c32b7af5797bea7cd2415ca98aca00ae897042",
+        "digest": "5c67ad12863f967c435da9070c023bf5342c83f2a82d03c7e822cfbc28c342d1",
        "distro": "debian-11",
        "type": "NAMI",
-        "version": "10.6.11-0"
+        "version": "10.6.11-1"
    },
    "wildfly": {
        "arch": "amd64",
-        "digest": "ec1bc6fa93ef2d49db9f27a96b859a2ec79cbc1b62d22d2b515ec2bc18cda344",
+        "digest": "ea2a7406d9736483deb092bcc5ac0e4fcff3fc2137b6cd3a3afbdb8efbeeaaf3",
        "distro": "debian-11",
        "type": "NAMI",
-        "version": "26.1.2-2"
+        "version": "26.1.2-3"
    }
 }
--- a/bitnami/ejbca/7/debian-11/rootfs/opt/bitnami/scripts/libejbca.sh
+++ b/bitnami/ejbca/7/debian-11/rootfs/opt/bitnami/scripts/libejbca.sh
@ -354,11 +354,11 @@ ejbca_generate_ca() {
            --caname "$EJBCA_CA_NAME" \
            --tokenType "soft" \
            --tokenPass "null" \
-            --keytype "$EJBCA_CA_KEYTYPE" \
-            --keyspec "$EJBCA_CA_KEYSPEC" \
-            -v "$EJBCA_CA_CERT_VALIDITY" \
-            --policy "$EJBCA_CA_CERT_POLICY_ID" \
-            -s "$EJBCA_CA_CERT_SIGNATURE_ALGORITHM" \
+            --keytype "RSA" \
+            --keyspec "3072" \
+            -v "3652" \
+            --policy "null" \
+            -s "SHA256WithRSA" \
            -type "x509"

        info "Add superadmin user"
@ -565,14 +565,8 @@ ejbca_initialize() {
        export EJBCA_KEYSTORE_PASSWORD
        EJBCA_WILDFLY_ADMIN_PASSWORD="${EJBCA_WILDFLY_ADMIN_PASSWORD:-$(generate_random_string -t alphanumeric)}"
        export EJBCA_WILDFLY_ADMIN_PASSWORD
-
-        ## Initial certificate setup
-        export EJBCA_BASE_DN="${EJBCA_BASE_DN:-O=Example CA,C=SE,UID=c-$(generate_random_string -t alphanumeric)}"
-        export EJBCA_CA_KEYTYPE="${EJBCA_CA_KEYTYPE:-RSA}"
-        export EJBCA_CA_KEYSPEC="${EJBCA_CA_KEYSPEC:-3072}"
-        export EJBCA_CA_CERT_VALIDITY="${EJBCA_CA_CERT_VALIDITY:-3652}"
-        export EJBCA_CA_CERT_POLICY_ID="${EJBCA_CA_CERT_POLICY_ID:-null}"
-        export EJBCA_CA_CERT_SIGNATURE_ALGORITHM="${EJBCA_CA_CERT_SIGNATURE_ALGORITHM:-SHA256WithRSA}"
+        EJBCA_BASE_DN="${EJBCA_BASE_DN:-O=Example CA,C=SE,UID=c-$(generate_random_string -t alphanumeric)}"
+        export EJBCA_BASE_DN

        # Check if external keystore
        if [[ -f "$EJBCA_SERVER_CERT_FILE" && -n "$EJBCA_SERVER_CERT_PASSWORD" ]]; then
--- a/bitnami/ejbca/README.md
+++ b/bitnami/ejbca/README.md
@ -163,11 +163,6 @@ The EJBCA instance can be customized by specifying environment variables on the
 - `EJBCA_DATABASE_PASSWORD`: Database password. No defaults.
 - `EJBCA_BASE_DN`: Base DN for the CA. Defaults to `O=Example CA,C=SE,UID=c-XXXXXXX`, where `XXXXXXX` is a random generated ID.
 - `EJBCA_CA_NAME`: CA Name. Defaults to `ManagementCA`
- `EJBCA_CA_KEYTYPE`: Initial keytype for the CA certificate. Defaults to `RSA`.
- `EJBCA_CA_KEYSPEC`: Initial keyspec for the CA certificate. Defaults to `3072`.
- `EJBCA_CA_CERT_VALIDITY`: Initial certificate validity in days for the CA certificate. Defaults to `3652`.
- `EJBCA_CA_CERT_POLICY_ID`: Initial certificate policy ID for the CA certificate. Defaults to `null`.
- `EJBCA_CA_CERT_SIGNATURE_ALGORITHM`: Initial certificate signature algorithm for the CA certificate. Defaults to `SHA256WithRSA`.
 - `JAVA_OPTS`: Java options. Defaults to `-Xms2048m -Xmx2048m -XX:MetaspaceSize=192M -XX:MaxMetaspaceSize=256m -Djava.net.preferIPv4Stack=true -Dhibernate.dialect=org.hibernate.dialect.MySQL5Dialect -Dhibernate.dialect.storage_engine=innodb`.
 - `EJBCA_SERVER_CERT_FILE`: User provided keystore file. No defaults.
 - `EJBCA_SERVER_CERT_PASSWORD`: User provided keystore file password. No defaults.