chore: add tls.crt to truststore from miw (#77)

to enable https connection with centralidp Keycloak instance

charts/umbrella/Chart.yaml

@@ -28,7 +28,7 @@ sources:
   - https://github.com/eclipse-tractusx/tractus-x-umbrella
 
 type: application
-version: 0.11.5
+version: 0.11.6
 
 # when adding or updating versions of dependencies, also update list under README.md#Install
 dependencies:

charts/umbrella/values.yaml

@@ -493,7 +493,36 @@ sdfactory:
 
 managed-identity-wallet:
   enabled: false
-  ## TODO figure out tls setup with centralidp keycloak
+  # TLS to trust centralidp Keycloak instance
+  initContainers:
+    - name: init-certs
+      image: docker.io/tractusx/managed-identity-wallet:0.4.0
+      imagePullPolicy: IfNotPresent
+      command: ["sh"]
+      args:
+        - -ec
+        - |-
+          cp -R /opt/java/openjdk/lib/security/* /cacerts/
+          echo "Copying done"
+          keytool -import -noprompt -trustcacerts -alias local -file /certs/tls.crt -keystore /cacerts/cacerts -storepass changeit
+          keytool -list -keystore /cacerts/cacerts -alias local
+      volumeMounts:
+        - name: certificates
+          mountPath: /certs
+        - name: shared-certs
+          mountPath: /cacerts
+  extraVolumes:
+    - name: certificates
+      secret:
+        secretName: root-secret
+        defaultMode: 420
+    - name: shared-certs
+      emptyDir: {}
+  extraVolumeMounts:
+    - name: certificates
+      mountPath: /certs
+    - name: shared-certs
+      mountPath: /opt/java/openjdk/lib/security
   miw:
     host: "managed-identity-wallets.example.org"
     authorityWallet: