Docker Compose TLS installation failed

baxiaoshi · April 13, 2023, 3:02am

[root@VM-0-9-centos docker-compose]# pwd
/root/docker-compose
[root@VM-0-9-centos docker-compose]# ./tls/run-tls.sh

The following error occurred

Step 4/4 : RUN update-ca-certificates
 ---> Running in 626b030fdc69
Failed to open temporary file /etc/ssl/certs/bundleXXXXXX for ca bundle
The command '/bin/bash -c update-ca-certificates' returned a non-zero code: 1
ERROR: Service 'temporal-admin-tools' failed to build

tihomir · April 13, 2023, 4:27am

What user are you running as, does it have permission to read from /etc/ssl/certs/?

baxiaoshi · April 13, 2023, 7:53am

github.com

temporalio/docker-compose/blob/main/tls/Dockerfile.admin-tools-tls

ARG BASEIMAGE
FROM temporalio/${BASEIMAGE}

COPY ./.pki/ca.pem /usr/local/share/ca-certificates/ca.crt

RUN update-ca-certificates

By adding the USER root configuration, the problem is resolved.

barrownicholas · June 14, 2023, 2:07am

@baxiaoshi can you explain a bit more how you solved this? I’m running into the same issue. How/where did you add a user root configuration, i.e. how can I replicate your fix.

Edit:

It looks (possibly) like you did something like this (adding a USER root):

ARG BASEIMAGE
FROM temporalio/${BASEIMAGE}

USER root

COPY ./.pki/ca.pem /usr/local/share/ca-certificates/ca.crt

RUN update-ca-certificates

Topic		Replies	Views
Docker compose tls error Community Support	3	696	January 25, 2024
Docker-compose deployment with mutual TLS Community Support	5	1597	August 13, 2020
While Enabling Elastic Search Getting Error Community Support java-sdk	5	833	March 21, 2023
Environment variables required to define TLS in temporalio Community Support	0	276	January 27, 2024
Temporal worker is unable to connect to Cluster Community Support typescript-sdk , tls , certificate	2	887	August 24, 2023

Docker Compose TLS installation failed

Related topics