Description
I am using a project that uses php-saml (https://www.kimai.org/) in Docker, which authenticates to authentik (https://goauthentik.io) via SAML.
All works fine when I manually set x509cert to the value of our authentik certificate, which is generated by Let's Encrypt. If I omit the x509cert value, the request fails and won't authenticate. The same happens if I set the wrong value there.
As Let's Encrypt certificates change often, I need to manually convert the certificate's value into an x509cert string and replace the value every few weeks, plus refresh the application cache, which is annoying.
The Let's Encrypt certificate folder contains the pem files and crt and key files like authentik.domain.tld.key
But when I set /etc/ssl/certs of Kimai to those files, only an error is thrown from saml-php.
The folder /etc/ssl in Kimai looks like:
c5f1961d9c51:/etc/ssl# ls -l
total 52
lrwxrwxrwx 1 root root 25 Nov 30 09:32 cert.pem -> certs/ca-certificates.crt
drwxr-xr-x 11 1000 1000 4096 Jan 23 14:39 certs
-rw-r--r-- 1 root root 412 Nov 11 00:00 ct_log_list.cnf
-rw-r--r-- 1 root root 412 Nov 11 00:00 ct_log_list.cnf.dist
drwxr-xr-x 2 root root 4096 Nov 30 09:32 misc
-rw-r--r-- 1 root root 12324 Nov 11 00:00 openssl.cnf
-rw-r--r-- 1 root root 12324 Nov 11 00:00 openssl.cnf.dist
drwxr-xr-x 2 root root 4096 Nov 30 09:32 private
whereas cert.pem won't resolve to Let's Encrypt's files, as ca-certificates.crt does not exist.
Does anybody have a quick solution for using the Let's Encrypt certificates in such a way that I do not need the x509cert value in the php-saml config?
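
The manual conversion described in the post above (PEM file to the single-line x509cert string), scripted as an added example that is not part of the original post and not code from php-saml, Kimai or authentik. It assumes the SAML signing certificate is the Let's Encrypt leaf certificate, takes only the first certificate when given a chain file, and uses constructed placeholder data rather than a real certificate; the function names are hypothetical.

```shell
#!/bin/sh
# Added example; function names and sample data are hypothetical/constructed.

# Print the base64 body of the FIRST certificate in a PEM file on one line.
# A chain file lists the leaf first, then intermediates; only the leaf is
# wanted here. Private-key blocks are ignored. Exit status is 1 when no
# complete certificate block is found.
pem_to_x509cert() {
    awk '
        /-----BEGIN CERTIFICATE-----/ { if (done) exit; incert = 1; next }
        /-----END CERTIFICATE-----/   { if (incert) done = 1; incert = 0; next }
        incert { gsub(/[ \t\r]/, ""); body = body $0 }
        END { if (!done || body == "") exit 1; print body }
    ' "$1"
}

# Succeed (0) only when the leaf in the PEM file differs from the value that
# is currently configured, so the config rewrite and cache refresh can be
# limited to actual renewals. Returns 2 if the file holds no certificate.
x509cert_changed() {
    new=$(pem_to_x509cert "$1") || return 2
    [ "$new" != "$2" ]
}

# Constructed sample chain (placeholder text, not a decodable certificate):
# a leaf with one CRLF-terminated line, followed by an intermediate.
write_sample_chain() {
    {
        printf '%s\n' '-----BEGIN CERTIFICATE-----' 'MIIBconstructedLEAFline1'
        printf 'constructedLEAFline2\r\n'
        printf '%s\n' '-----END CERTIFICATE-----' \
            '-----BEGIN CERTIFICATE-----' \
            'MIIBconstructedINTERMEDIATEline1' \
            '-----END CERTIFICATE-----'
    } > "$1"
}

# Demo: prints the leaf body only, without headers, line breaks or the CR.
sample=$(mktemp)
write_sample_chain "$sample"
pem_to_x509cert "$sample"
rm -f "$sample"
```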