I am trying to implement option 1 above but I am struggling from where to pick up the certificate files which I have packaged with my application (for experimentation I put the certificates both in the .profile.d directory and a ssl folder in my webapp).
I tried the following variants
keytool -keystore ... -storepass ... -importcert -alias MyCert -file MyCert.crt
keytool -keystore ... -storepass ... -importcert -alias MyCert -file /home/vcap/app/.java-buildpack/tomcat/webapps/ROOT/ssl/MyCert.crt
keytool -keystore ... -storepass ... -importcert -alias MyCert -file /home/vcap/app/ssl/MyCert.crt
I all cases I am getting
(No such file or directory)[App/0] OUT keytool error: java.io.FileNotFoundException: ...MyCert.crt (or similar)
( I checked using cf files myapp app/.profile.d that the files are deployed)
Does someone have an idea how to address within the profile.d script files from the deployed application?
PS: I had to put the profile.d folder into the web app root folder in order to be picked up, which makes it a public resource. The documentation is also not very clear where to put it. Any ideas in this direction would also be appreciated.