From 7a55370c456a0825401c0c4118af8acb8656985a Mon Sep 17 00:00:00 2001
From: Bryce Tompkins <bryce@moderne.io>
Date: Fri, 7 Mar 2025 09:15:28 -0500
Subject: [PATCH] Add steps to install Moderne cert in agent Dockerfile

---
 .../how-to-guides/agent-configuration/agent-config.md         | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/administrator-documentation/moderne-platform/how-to-guides/agent-configuration/agent-config.md b/docs/administrator-documentation/moderne-platform/how-to-guides/agent-configuration/agent-config.md
index 6908845e..84f0a58f 100644
--- a/docs/administrator-documentation/moderne-platform/how-to-guides/agent-configuration/agent-config.md
+++ b/docs/administrator-documentation/moderne-platform/how-to-guides/agent-configuration/agent-config.md
@@ -103,6 +103,10 @@ ENV MODERNE_AGENT_VERSION=${MODERNE_AGENT_VERSION}
 
 WORKDIR /app
 USER root
+# If necessary, download the Moderne tenant SSL certificate and add it to the default Java TrustStore.
+# RUN openssl s_client -showcerts -connect <tenant_name>.moderne.io:443 </dev/null 2>/dev/null | openssl x509 -outform DER > moderne_cert.der
+# RUN /opt/java/openjdk/bin/keytool -import -trustcacerts -keystore /opt/java/openjdk/lib/security/cacerts -storepass changeit -noprompt -alias moderne-cert -file moderne_cert.der
+
 RUN groupadd -r app && useradd --no-log-init -r -m -g app app && chown -R app:app /app
 USER app