Add global certificates for RDS

avnes · Sep 17, 2024 · 7ee1f34 · 7ee1f34
1 parent f96e5c0
commit 7ee1f34
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,10 @@
 FROM nginx:1.27-alpine
 
+ENV PGSSLROOTCERT=/etc/ssl/certs/ca-certificates.crt
+ENV PGSSLMODE=verify-full
+
 RUN apk update && \
-apk add aws-cli less postgresql14-client
+apk add aws-cli less postgresql14-client ca-certificates && rm -rf /var/cache/apk/* \
+&& wget https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem -O /tmp/rds-combined-ca-bundle.pem \
+&& mv /tmp/rds-combined-ca-bundle.pem /usr/local/share/ca-certificates/rds-combined-ca-bundle.crt \
+&& update-ca-certificates