0

To get docker and yarn working on my corporate network, I needed to add a CA certificate to trust store (for docker) and set NODE_EXTRA_CA_CERTS for yarn (see here). The Dockerfile for my react application includes yarn install && yarn run build which gives a "self signed certificate in certificate chain" error. I am able to get around the error by running yarn install on my local machine before building in docker, remove yarn install from my Dockerfile and remove node_modules from my .dockerignore file.

How should I be resolving this error? Should I be transferring the .pem CA file to the Docker container and adding set NODE_EXTRA_CA_CERTS to the Dockerfile?

Dockerfile:

FROM node:15.13-alpine
WORKDIR /react
COPY . .
# RUN yarn config set cafile ./
RUN yarn install && yarn run build

.dockerignore:

node_modules
build
cpage
  • 119
  • 6
  • 27

1 Answers1

1

I had the same issue on my corporate network. What worked for me is copying the certificate into the image and allow the OS to recognize it by updating CA certificates.

I added this in my Dockerfile:

# Copy SSL certificates into the image
COPY *.crt /usr/local/share/ca-certificates/

# Update the certificate stores
RUN update-ca-certificates --verbose --fresh && \
    npm config set cafile /usr/local/share/ca-certificates/my-custom-root-certificate.crt && \
    yarn config set cafile /usr/local/share/ca-certificates/my-custom-root-certificate.crt

The *.crt files are in my docker build context (or same level as my Dockerfile)

arvind.d
  • 351
  • 2
  • 9