Working with java applications in kubernetes, you might come use
In this article I explain what Java keystore and truststore are.
Create Secret containing keystore.jks
Ensure that the type of your keystore is actually jks and not PKCS#12 or anything else
You can add a java keystore as a secret, directly using the file:
keystore.jks is the name of the field, used in the resulting json/yaml format of the secret. For cacerts this would look as follows
If you want to create the secret and store it in source control you could do this as follows:
Convert keystore to base64:
Open secret.yaml in Editor, modify the content as follows:
Add the secret to k8s:
Retrieve keystore.jks from the Secret
You can get the keystore.jks from the secret as follows:
Update secret
You can the keystore.jks file directly as follows:
Mounting cacerts in a pod
When using java applications an you have self-signed certificates which you added to your cacerts you also have to mount it inside the pod, so the java application running there can use it. There are two ways:
mount keeping the files in the java directory intact.