Hi Victor, I have the same goal as you - to figure out how the RSA keys should be generated and then adjust the Dockerfiles to take them as parameters. I know Courage has been working on finding a way to deploy the RSA keys in secure way [1]. Courage, if you can, please share how you generate the RSA keys yourself.
If I understand correctly then one should generate RSA keys before the docker scripts are started and pass them to the containers during starting them. But I don't have any readymade script for generating the RSA keys yet. There must be logic how to do this somewhere in the demo server code base. There has been a long thread [2] (especially last 3 emails) in the list that might give you a hint for a workaround which basically would be: 1. add more logging for provisioner to log all the RSA keys and modulos 2. start demo server 3. copy keys that provisioner printed out from logfiles 4. stop demo server 5. pass the keys to the docker containers during startup Kind regards Juhan [1] https://lists.apache.org/thread.html/31f71e5ab9118c43a4ce615c7de48f714a44eaf6dc94c00714614487@%3Cdev.fineract.apache.org%3E [2] https://lists.apache.org/thread.html/c9d738028c4b4365af33ec74c9899df3764af697eec8d4bccce235be@%3Cdev.fineract.apache.org%3E Kontakt Victor Manuel Romero Rodriguez (<vic_rom...@hotmail.com>) kirjutas kuupƤeval E, 29. aprill 2019 kell 03:12: > *Hello,* > > > *I have just pulled the repository from * > > https://github.com/openMF/fineract-cn-containers > > *Then I execute the commands* > > 1. Run *bash migration_script.sh* > > 2. Run *bash start-up.sh* > > *But then it gives error messages:* > > Generating RSA keys... > grep: logs/provisioner.log: No such file or directory > Error response from daemon: Container > 18d9260749f1dc309acda9f11533773040ed8ace0060097a6e6721280171ae8d is not > running > > Full log: https://pastebin.com/ixw4GihX > > *Looking at the docker logs of provisioner container I found this > messages:* > > ***************************, > APPLICATION FAILED TO START, > ***************************, > , > Description:, > , > Binding to target > org.apache.fineract.cn.provisioner.config.SystemProperties@4078695f > failed:, > , > Property: system.publicKey.timestamp, > Value: null, > Reason: may not be empty, > , > Property: system.privateKey.exponent, > Value: null, > Reason: may not be null, > , > Property: system.publicKey.modulus, > Value: null, > Reason: may not be null, > , > Property: system.privateKey.modulus, > Value: null, > Reason: may not be null, > , > Property: system.publicKey.exponent, > Value: null, > Reason: may not be null, > , > , > Action:, > , > Update your application's configuration, > > > Full log: https://pastebin.com/AgDmSfNE > > Any clue? > > Regards > > Victor > > >
