docker ca certificate for private registry on osx

Docker switched to SSL as of v1.3.1. But until now I could not use it with local / on-premise Docker registries and had to fall back to --insecure options.
Today I read a docker issue at 805 and the last comment of ‘rossbachp’ gave the solution.

Get your hands on the public CA key part of your self-signed server key. That is the one you used to sign the self-signed certificate for your server.
Inside your boot2docker VM (via ‘boot2docker ssh’), create a directory named after the private registry you want to access:
boot2docker ssh
sudo su -
cd /var/lib/boot2docker
mkdir registry.acme.org
cd registry.acme.org
cp /from/some/location/ca.pem .

Create a script at /var/lib/boot2docker/bootlocal.sh:

#!/bin/bash
cat /var/lib/boot2docker/registry.acme.org/ca.pem >> /etc/ssl/cacert.pem

Now you can push your docker images to your on-premise docker registry.
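
A hardened variant of the bootlocal.sh step above, as an added example that is not part of the original post: it checks ca.pem against a pinned SHA-256 digest before extending the trust bundle, and appends it only once. The `PIN` placeholder, the function names and the availability of `sha256sum` (or `shasum`) in the VM are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes sha256sum (or shasum) exists
# in the VM. PIN is a placeholder: set it to the digest of the ca.pem you verified.
CA=/var/lib/boot2docker/registry.acme.org/ca.pem
BUNDLE=/etc/ssl/cacert.pem
PIN=REPLACE_WITH_SHA256_OF_VERIFIED_CA_PEM

# Print the SHA-256 hex digest of a file.
file_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"
    else shasum -a 256 "$1"; fi | cut -d' ' -f1
}

# Succeed only if the file holds exactly one PEM certificate block.
is_single_pem_cert() {
    [ -r "$1" ] &&
    [ "$(grep -c -e '-----BEGIN CERTIFICATE-----' "$1")" = 1 ] &&
    [ "$(grep -c -e '-----END CERTIFICATE-----' "$1")" = 1 ]
}

# Succeed if bundle $2 already contains certificate $1 (line breaks ignored).
already_trusted() {
    [ -r "$2" ] || return 1
    needle=$(tr -d '\r\n' < "$1")
    case "$(tr -d '\r\n' < "$2")" in *"$needle"*) return 0 ;; esac
    return 1
}

# trust_registry_ca CA_FILE BUNDLE PIN
# Returns 0 when the CA is trusted afterwards, 2 on a malformed file, 3 on a pin mismatch.
trust_registry_ca() {
    is_single_pem_cert "$1" || { echo "refusing $1: not one PEM certificate" >&2; return 2; }
    [ "$(file_sha256 "$1")" = "$3" ] || { echo "refusing $1: digest differs from pin" >&2; return 3; }
    already_trusted "$1" "$2" && return 0
    # Keep PEM blocks on separate lines if the bundle lacks a final newline.
    [ -n "$(tail -c 1 "$2" 2>/dev/null)" ] && echo >> "$2"
    cat "$1" >> "$2"
}

# Act only when the CA file is present, so the script is a no-op elsewhere.
if [ -r "$CA" ]; then trust_registry_ca "$CA" "$BUNDLE" "$PIN"; fi
```

Until `PIN` is replaced with the digest printed by `file_sha256` for a ca.pem you have verified out of band, the script refuses to touch the bundle.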

camel cxf https server endpoint

I wanted to configure a CXF HTTPS endpoint in Camel. Normally I do it the forceful way by updating the JDK certificates, but it can be done another way.
Define the JAX-WS contract-first endpoint, although that can also be done in a code-first manner.

This is the defined endpoint; it is taken directly from a Camel sample named ‘camel-cxf-contract-first-blueprint’.

 
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cxf="http://camel.apache.org/schema/blueprint/cxf"
	xmlns:camel="http://camel.apache.org/schema/blueprint" xmlns:sec="http://cxf.apache.org/configuration/security"
	xmlns:http="http://cxf.apache.org/transports/http/configuration"
	xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
	xsi:schemaLocation="
             http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
             http://camel.apache.org/schema/blueprint/cxf http://camel.apache.org/schema/blueprint/cxf/camel-cxf.xsd
             http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd
             http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd">
 
	<cxf:cxfEndpoint id="reportEndpoint"
		address="https://localhost:9080/part-five/webservices/incident"
		serviceClass="org.apache.camel.example.reportincident.ReportIncidentEndpoint"
		wsdlURL="wsdl/report_incident.wsdl">
		<cxf:properties>
			<entry key="loggingFeatureEnabled" value="true"/>
		</cxf:properties>
	</cxf:cxfEndpoint>
 
	<httpj:engine-factory bus="cxf">
		<httpj:engine port="9080">
			<httpj:tlsServerParameters>
				<sec:keyManagers keyPassword="changeit">
					<sec:keyStore type="JKS" password="changeit" resource="certs/keystore.jks" />
				</sec:keyManagers>
			</httpj:tlsServerParameters>
		</httpj:engine>
	</httpj:engine-factory>
 
	<camelContext xmlns="http://camel.apache.org/schema/blueprint">
		<route>
			<from uri="cxf:bean:reportEndpoint"/>
			<convertBodyTo type="org.apache.camel.example.reportincident.InputReportIncident"/>
			<log message="Received report incident ${body.incidentId}"/>
			<!-- The XML DSL takes the header name literally; CamelFileName is the value of Exchange.FILE_NAME -->
			<setHeader headerName="CamelFileName">
				<simple>report-incident-${body.incidentId}.xml</simple>
			</setHeader>
			<to uri="file:work/incident"/>
			<log message="Stored a copy of the incident as ${header.CamelFileNameProduced}"/>
			<choice>
				<when>
					<simple>${body.phone.isEmpty}</simple>
					<to uri="seda:emailMe"/>
				</when>
				<otherwise>
					<to uri="seda:callMe"/>
				</otherwise>
			</choice>
			<to uri="language:constant:classpath:ok.xml"/>
			<convertBodyTo type="org.apache.camel.example.reportincident.OutputReportIncident"/>
		</route>
		<route>
			<from uri="seda:callMe"/>
			<log message="We are going to call ${body.phone}"/>
		</route>
		<route>
			<from uri="seda:emailMe"/>
			<log message="We are going to email ${body.email}"/>
		</route>
	</camelContext>
 
</blueprint>

Updated the XML code snippet to make it readable again. (2015/01/25)