[bitnami/keycloak] Release 19.0.3-debian-11-r4 (#11485)

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
2026-04-05 08:47:47 +08:00 · 2022-10-26 16:05:42 +02:00
parent 175ca20a32
commit 422cc635bd
5 changed files with 123 additions and 42 deletions
--- a/bitnami/keycloak/19/debian-11/Dockerfile
+++ b/bitnami/keycloak/19/debian-11/Dockerfile
@@ -5,7 +5,7 @@ ARG TARGETARCH

 LABEL org.opencontainers.image.authors="https://bitnami.com/contact" \
      org.opencontainers.image.description="Application packaged by Bitnami" \
-      org.opencontainers.image.ref.name="19.0.3-debian-11-r3" \
+      org.opencontainers.image.ref.name="19.0.3-debian-11-r4" \
      org.opencontainers.image.source="https://github.com/bitnami/containers/tree/main/bitnami/keycloak" \
      org.opencontainers.image.title="keycloak" \
      org.opencontainers.image.vendor="VMware, Inc." \
@@ -23,7 +23,7 @@ RUN install_packages ca-certificates curl libaio1 procps zlib1g
 RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \
    COMPONENTS=( \
      "wait-for-port-1.0.3-155-linux-${OS_ARCH}-debian-11" \
-      "java-11.0.16-1-linux-${OS_ARCH}-debian-11" \
+      "java-11.0.17-7-1-linux-${OS_ARCH}-debian-11" \
      "keycloak-19.0.3-0-linux-${OS_ARCH}-debian-11" \
      "gosu-1.14.0-155-linux-${OS_ARCH}-debian-11" \
    ) && \
--- a/bitnami/keycloak/19/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
+++ b/bitnami/keycloak/19/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json
@@ -8,10 +8,10 @@
    },
    "java": {
        "arch": "amd64",
-        "digest": "c375579c55ee13d9561dcfaeba0338a6c2f5233dc386ead63dbbb67cc974fcdb",
+        "digest": "972009952c7ab083836ce1943c7768daac74ec3cbea63eb5994b38e7c9794b75",
        "distro": "debian-11",
        "type": "NAMI",
-        "version": "11.0.16-1"
+        "version": "11.0.17-7-1"
    },
    "keycloak": {
        "arch": "amd64",
--- a/bitnami/keycloak/19/debian-11/rootfs/opt/bitnami/scripts/keycloak-env.sh
+++ b/bitnami/keycloak/19/debian-11/rootfs/opt/bitnami/scripts/keycloak-env.sh
@@ -34,18 +34,24 @@ keycloak_env_vars=(
    KEYCLOAK_CACHE_TYPE
    KEYCLOAK_CACHE_STACK
    KEYCLOAK_EXTRA_ARGS
-    KEYCLOAK_EXTRA_ARGS_PREPENDED
    KEYCLOAK_ENABLE_STATISTICS
-    KEYCLOAK_ENABLE_TLS
-    KEYCLOAK_TLS_TRUSTSTORE_FILE
-    KEYCLOAK_TLS_TRUSTSTORE_PASSWORD
-    KEYCLOAK_TLS_KEYSTORE_FILE
-    KEYCLOAK_TLS_KEYSTORE_PASSWORD
+    KEYCLOAK_ENABLE_HTTPS
+    KEYCLOAK_HTTPS_TRUST_STORE_FILE
+    KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD
+    KEYCLOAK_HTTPS_KEY_STORE_FILE
+    KEYCLOAK_HTTPS_KEY_STORE_PASSWORD
+    KEYCLOAK_HTTPS_USE_PEM
+    KEYCLOAK_HTTPS_CERTIFICATE_FILE
+    KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE
+    KEYCLOAK_SPI_TRUSTSTORE_FILE
+    KEYCLOAK_SPI_TRUSTSTORE_PASSWORD
+    KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY
    KEYCLOAK_LOG_LEVEL
    KEYCLOAK_LOG_OUTPUT
    KEYCLOAK_ROOT_LOG_LEVEL
    KEYCLOAK_PROXY
    KEYCLOAK_PRODUCTION
+    KEYCLOAK_EXTRA_ARGS_PREPENDED
    KEYCLOAK_DATABASE_HOST
    KEYCLOAK_DATABASE_PORT
    KEYCLOAK_DATABASE_USER
@@ -57,6 +63,15 @@ keycloak_env_vars=(
    KEYCLOAK_DAEMON_GROUP
    KEYCLOAK_ADMIN_USER
    KC_HOSTNAME
+    KC_HTTPS_TRUST_STORE_FILE
+    KC_HTTPS_TRUST_STORE_PASSWORD
+    KC_HTTPS_KEY_STORE_FILE
+    KC_HTTPS_KEY_STORE_PASSWORD
+    KC_HTTPS_CERTIFICATE_FILE
+    KC_HTTPS_CERTIFICATE_KEY_FILE
+    KC_SPI_TRUSTSTORE_FILE_FILE
+    KC_SPI_TRUSTSTORE_PASSWORD
+    KC_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY
    DB_ADDR
    DB_PORT
    DB_USER
@@ -109,18 +124,33 @@ export KEYCLOAK_INIT_MAX_RETRIES="${KEYCLOAK_INIT_MAX_RETRIES:-10}"
 export KEYCLOAK_CACHE_TYPE="${KEYCLOAK_CACHE_TYPE:-ispn}"
 export KEYCLOAK_CACHE_STACK="${KEYCLOAK_CACHE_STACK:-}"
 export KEYCLOAK_EXTRA_ARGS="${KEYCLOAK_EXTRA_ARGS:-}"
-export KEYCLOAK_EXTRA_ARGS_PREPENDED="${KEYCLOAK_EXTRA_ARGS_PREPENDED:-}"
 export KEYCLOAK_ENABLE_STATISTICS="${KEYCLOAK_ENABLE_STATISTICS:-false}"
-export KEYCLOAK_ENABLE_TLS="${KEYCLOAK_ENABLE_TLS:-false}"
-export KEYCLOAK_TLS_TRUSTSTORE_FILE="${KEYCLOAK_TLS_TRUSTSTORE_FILE:-}"
-export KEYCLOAK_TLS_TRUSTSTORE_PASSWORD="${KEYCLOAK_TLS_TRUSTSTORE_PASSWORD:-}"
-export KEYCLOAK_TLS_KEYSTORE_FILE="${KEYCLOAK_TLS_KEYSTORE_FILE:-}"
-export KEYCLOAK_TLS_KEYSTORE_PASSWORD="${KEYCLOAK_TLS_KEYSTORE_PASSWORD:-}"
+export KEYCLOAK_ENABLE_HTTPS="${KEYCLOAK_ENABLE_HTTPS:-false}"
+KEYCLOAK_HTTPS_TRUST_STORE_FILE="${KEYCLOAK_HTTPS_TRUST_STORE_FILE:-"${KC_HTTPS_TRUST_STORE_FILE:-}"}"
+export KEYCLOAK_HTTPS_TRUST_STORE_FILE="${KEYCLOAK_HTTPS_TRUST_STORE_FILE:-}"
+KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD="${KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD:-"${KC_HTTPS_TRUST_STORE_PASSWORD:-}"}"
+export KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD="${KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD:-}"
+KEYCLOAK_HTTPS_KEY_STORE_FILE="${KEYCLOAK_HTTPS_KEY_STORE_FILE:-"${KC_HTTPS_KEY_STORE_FILE:-}"}"
+export KEYCLOAK_HTTPS_KEY_STORE_FILE="${KEYCLOAK_HTTPS_KEY_STORE_FILE:-}"
+KEYCLOAK_HTTPS_KEY_STORE_PASSWORD="${KEYCLOAK_HTTPS_KEY_STORE_PASSWORD:-"${KC_HTTPS_KEY_STORE_PASSWORD:-}"}"
+export KEYCLOAK_HTTPS_KEY_STORE_PASSWORD="${KEYCLOAK_HTTPS_KEY_STORE_PASSWORD:-}"
+export KEYCLOAK_HTTPS_USE_PEM="${KEYCLOAK_HTTPS_USE_PEM:-false}"
+KEYCLOAK_HTTPS_CERTIFICATE_FILE="${KEYCLOAK_HTTPS_CERTIFICATE_FILE:-"${KC_HTTPS_CERTIFICATE_FILE:-}"}"
+export KEYCLOAK_HTTPS_CERTIFICATE_FILE="${KEYCLOAK_HTTPS_CERTIFICATE_FILE:-}"
+KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE="${KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE:-"${KC_HTTPS_CERTIFICATE_KEY_FILE:-}"}"
+export KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE="${KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE:-}"
+KEYCLOAK_SPI_TRUSTSTORE_FILE="${KEYCLOAK_SPI_TRUSTSTORE_FILE:-"${KC_SPI_TRUSTSTORE_FILE_FILE:-}"}"
+export KEYCLOAK_SPI_TRUSTSTORE_FILE="${KEYCLOAK_SPI_TRUSTSTORE_FILE:-}"
+KEYCLOAK_SPI_TRUSTSTORE_PASSWORD="${KEYCLOAK_SPI_TRUSTSTORE_PASSWORD:-"${KC_SPI_TRUSTSTORE_PASSWORD:-}"}"
+export KEYCLOAK_SPI_TRUSTSTORE_PASSWORD="${KEYCLOAK_SPI_TRUSTSTORE_PASSWORD:-}"
+KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY="${KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY:-"${KC_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY:-}"}"
+export KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY="${KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY:-}"
 export KEYCLOAK_LOG_LEVEL="${KEYCLOAK_LOG_LEVEL:-info}"
 export KEYCLOAK_LOG_OUTPUT="${KEYCLOAK_LOG_OUTPUT:-default}"
 export KEYCLOAK_ROOT_LOG_LEVEL="${KEYCLOAK_ROOT_LOG_LEVEL:-INFO}"
 export KEYCLOAK_PROXY="${KEYCLOAK_PROXY:-passthrough}"
 export KEYCLOAK_PRODUCTION="${KEYCLOAK_PRODUCTION:-false}"
+export KEYCLOAK_EXTRA_ARGS_PREPENDED="${KEYCLOAK_EXTRA_ARGS_PREPENDED:-}"
 KEYCLOAK_DATABASE_HOST="${KEYCLOAK_DATABASE_HOST:-"${DB_ADDR:-}"}"
 export KEYCLOAK_DATABASE_HOST="${KEYCLOAK_DATABASE_HOST:-postgresql}"
 KEYCLOAK_DATABASE_PORT="${KEYCLOAK_DATABASE_PORT:-"${DB_PORT:-}"}"
--- a/bitnami/keycloak/19/debian-11/rootfs/opt/bitnami/scripts/libkeycloak.sh
+++ b/bitnami/keycloak/19/debian-11/rootfs/opt/bitnami/scripts/libkeycloak.sh
@@ -43,21 +43,30 @@ keycloak_validate() {
    if is_boolean_yes "$KEYCLOAK_PRODUCTION"; then
        if [[ "$KEYCLOAK_PROXY" == "edge" ]]; then
            # https://www.keycloak.org/server/reverseproxy
-            if is_boolean_yes "$KEYCLOAK_ENABLE_TLS"; then
-                print_validation_error "TLS and proxy=edge are not compatible. Please set the KEYCLOAK_ENABLE_TLS variable to false when using KEYCLOAK_PROXY=edge. Review # https://www.keycloak.org/server/reverseproxy for more information about proxy settings."
+            if is_boolean_yes "$KEYCLOAK_ENABLE_HTTPS"; then
+                print_validation_error "TLS and proxy=edge are not compatible. Please set the KEYCLOAK_ENABLE_HTTPS variable to false when using KEYCLOAK_PROXY=edge. Review # https://www.keycloak.org/server/reverseproxy for more information about proxy settings."
            fi
-        elif ! is_boolean_yes "$KEYCLOAK_ENABLE_TLS"; then
+        elif ! is_boolean_yes "$KEYCLOAK_ENABLE_HTTPS"; then
            # keycloak proxy passthrough/reencrypt requires tls
-            print_validation_error "You need to have TLS enabled. Please set the KEYCLOAK_ENABLE_TLS variable to true"
+            print_validation_error "You need to have TLS enabled. Please set the KEYCLOAK_ENABLE_HTTPS variable to true"
        fi
    fi

-    if is_boolean_yes "$KEYCLOAK_ENABLE_TLS"; then
-        if is_empty_value "$KEYCLOAK_TLS_TRUSTSTORE_FILE"; then
-            print_validation_error "Path to the TLS truststore file not defined. Please set the KEYCLOAK_TLS_TRUSTSTORE_FILE variable to the mounted truststore"
-        fi
-        if is_empty_value "$KEYCLOAK_TLS_KEYSTORE_FILE"; then
-            print_validation_error "Path to the TLS keystore file not defined. Please set the KEYCLOAK_TLS_KEYSTORE_FILE variable to the mounted keystore"
+    if is_boolean_yes "$KEYCLOAK_ENABLE_HTTPS"; then
+        if is_boolean_yes "$KEYCLOAK_HTTPS_USE_PEM"; then
+            if is_empty_value "$KEYCLOAK_HTTPS_CERTIFICATE_FILE"; then
+                print_validation_error "Path to the TLS certificate not defined. Please set the KEYCLOAK_HTTPS_CERTIFICATE_FILE variable to the mounted PEM certificate"
+            fi
+            if is_empty_value "$KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE"; then
+                print_validation_error "Path to the TLS key not defined. Please set the KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE variable to the mounted PEM key"
+            fi
+        else
+            if is_empty_value "$KEYCLOAK_HTTPS_TRUST_STORE_FILE"; then
+                print_validation_error "Path to the TLS truststore file not defined. Please set the KEYCLOAK_HTTPS_TRUST_STORE_FILE variable to the mounted truststore"
+            fi
+            if is_empty_value "$KEYCLOAK_HTTPS_KEY_STORE_FILE"; then
+                print_validation_error "Path to the TLS keystore file not defined. Please set the KEYCLOAK_HTTPS_KEY_STORE_FILE variable to the mounted keystore"
+            fi
        fi
    fi

@@ -73,7 +82,7 @@ keycloak_validate() {
    check_allowed_port KEYCLOAK_HTTP_PORT
    check_allowed_port KEYCLOAK_HTTPS_PORT

-    for var in KEYCLOAK_ENABLE_TLS KEYCLOAK_ENABLE_STATISTICS; do
+    for var in KEYCLOAK_ENABLE_HTTPS KEYCLOAK_ENABLE_STATISTICS; do
        if ! is_true_false_value "${!var}"; then
            print_validation_error "The allowed values for $var are [true, false]"
        fi
@@ -220,19 +229,39 @@ keycloak_configure_proxy() {
 }

 ########################
-# Configure database settings
+# Configure HTTPS settings
 # Globals:
 #   KEYCLOAK_*
 # Arguments:
 # Returns:
 #   None
 #########################
-keycloak_configure_tls() {
-    info "Configuring TLS by setting keystore and truststore"
-    ! is_empty_value "$KEYCLOAK_TLS_KEYSTORE_PASSWORD" && keycloak_conf_set "https-key-store-password" "${KEYCLOAK_TLS_KEYSTORE_PASSWORD}"
-    ! is_empty_value "$KEYCLOAK_TLS_TRUSTSTORE_PASSWORD" && keycloak_conf_set "https-trust-store-password" "${KEYCLOAK_TLS_TRUSTSTORE_PASSWORD}"
-    keycloak_conf_set "https-key-store-file" "${KEYCLOAK_TLS_KEYSTORE_FILE}"
-    keycloak_conf_set "https-trust-store-file" "${KEYCLOAK_TLS_TRUSTSTORE_FILE}"
+keycloak_configure_https() {
+    info "Configuring Keycloak HTTPS settings"
+    if is_boolean_yes "$KEYCLOAK_HTTPS_USE_PEM"; then
+        keycloak_conf_set "https-certificate-file" "${KEYCLOAK_HTTPS_CERTIFICATE_FILE}"
+        keycloak_conf_set "https-certificate-key-file" "${KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE}"
+    else
+        ! is_empty_value "$KEYCLOAK_HTTPS_KEY_STORE_PASSWORD" && keycloak_conf_set "https-key-store-password" "${KEYCLOAK_HTTPS_KEY_STORE_PASSWORD}"
+        ! is_empty_value "$KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD" && keycloak_conf_set "https-trust-store-password" "${KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD}"
+        keycloak_conf_set "https-key-store-file" "${KEYCLOAK_HTTPS_KEY_STORE_FILE}"
+        keycloak_conf_set "https-trust-store-file" "${KEYCLOAK_HTTPS_TRUST_STORE_FILE}"
+    fi
+}
+
+########################
+# Configure SPI TLS settings
+# Globals:
+#   KEYCLOAK_*
+# Arguments:
+# Returns:
+#   None
+#########################
+keycloak_configure_spi_tls() {
+    info "Configuring Keycloak SPI TLS settings"
+    ! is_empty_value "$KEYCLOAK_SPI_TRUSTSTORE_PASSWORD" && keycloak_conf_set "spi-truststore-file-password" "${KEYCLOAK_SPI_TRUSTSTORE_PASSWORD}"
+    ! is_empty_value "$KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY" && keycloak_conf_set "spi-truststore-file-hostname-verification-policy" "${KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY}"
+    keycloak_conf_set "spi-truststore-file-file" "${KEYCLOAK_SPI_TRUSTSTORE_FILE}"

 }

@@ -266,7 +295,8 @@ keycloak_initialize() {
    keycloak_configure_cache
    keycloak_configure_loglevel
    keycloak_configure_proxy
-    is_boolean_yes "$KEYCLOAK_ENABLE_TLS" && keycloak_configure_tls
+    is_boolean_yes "$KEYCLOAK_ENABLE_HTTPS" && keycloak_configure_https
+    ! is_empty_value "$KEYCLOAK_SPI_TRUSTSTORE_FILE" && keycloak_configure_spi_tls
    true
 }

--- a/bitnami/keycloak/README.md
+++ b/bitnami/keycloak/README.md
@@ -142,7 +142,7 @@ keycloak:

 ### TLS Encryption

-The Bitnami Keycloak Docker image allows configuring TLS encryption between nodes and between server-client. This is done by mounting in `/opt/bitnami/keycloak/certs` two files:
+The Bitnami Keycloak Docker image allows configuring HTTPS/TLS encription. This is done by mounting in `/opt/bitnami/keycloak/certs` two files:

 - `keystore`: File with the server keystore
 - `truststore`: File with the server truststore
@@ -151,12 +151,22 @@ The Bitnami Keycloak Docker image allows configuring TLS encryption between node

 Apart from that, the following environment variables must be set:

- - `KEYCLOAK_ENABLE_TLS`: Enable TLS encryption using the keystore. Default: **false**.
- - `KEYCLOAK_TLS_KEYSTORE_FILE`: Path to the keystore file (e.g. `/opt/bitnami/keycloak/certs/keystore.jks`). No defaults.
- - `KEYCLOAK_TLS_TRUSTSTORE_FILE`: Path to the truststore file (e.g. `/opt/bitnami/keycloak/certs/truststore.jks`). No defaults.
- - `KEYCLOAK_TLS_KEYSTORE_PASSWORD`: Password for accessing the keystore. No defaults.
- - `KEYCLOAK_TLS_TRUSTSTORE_PASSWORD`: Password for accessing the truststore. No defaults.
+ - `KEYCLOAK_ENABLE_HTTPS`: Enable TLS encryption using the keystore. Default: **false**.
+ - `KEYCLOAK_HTTPS_KEY_STORE_FILE`: Path to the keystore file (e.g. `/opt/bitnami/keycloak/certs/keystore.jks`). No defaults.
+ - `KEYCLOAK_HTTPS_TRUST_STORE_FILE`: Path to the truststore file (e.g. `/opt/bitnami/keycloak/certs/truststore.jks`). No defaults.
+ - `KEYCLOAK_HTTPS_KEY_STORE_PASSWORD`: Password for accessing the keystore. No defaults.
+ - `KEYCLOAK_HTTPS_TRUST_STORE_PASSWORD`: Password for accessing the truststore. No defaults.
+ - `KEYCLOAK_HTTPS_USE_PEM`: Set to true to configure HTTPS using PEM certificates'. Default: **false**.
+ - `KEYCLOAK_HTTPS_CERTIFICATE_FILE`: Path to the PEM certificate file (e.g. `/opt/bitnami/keycloak/certs/tls.crt`). No defaults.
+ - `KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE`: Path to the PEM key file (e.g. `/opt/bitnami/keycloak/certs/tls.key`). No defaults.

+### SPI TLS truststore
+
+The Bitnami Keycloak Docker image supports configuring a truststore for HTTP/TLS connection with Keycloak SPIs.
+
+ - `KEYCLOAK_SPI_TRUSTSTORE_FILE`: Path to the Keycloak SPI truststore file (e.g. `/opt/bitnami/keycloak/certs-spi/truststore.jks`). No defaults.
+ - `KEYCLOAK_SPI_TRUSTSTORE_PASSWORD`: Password for decrypting the SPI truststore file. No defaults.
+ - `KEYCLOAK_SPI_TRUSTSTORE_FILE_HOSTNAME_VERIFICATION_POLICY`: Hostname verification policy for SPI connection over HTTPS/TLS

 ### Adding custom themes

@@ -215,6 +225,17 @@ After that, your changes will be taken into account in the server's behaviour.

 ## Notable Changes

+### 19-debian-11-r4
+
+- TLS environment variables have been renamed to match upstream.
+  - `KEYCLOAK_ENABLE_TLS` was renamed as `KEYCLOAK_ENABLE_HTTPS`.
+  - `KEYCLOAK_TLS_KEYSTORE_FILE` was renamed as `KEYCLOAK_TLS_KEY_STORE_FILE`.
+  - `KEYCLOAK_TLS_TRUSTSTORE_FILE` was renamed as `KEYCLOAK_TLS_TRUST_STORE_FILE`.
+  - `KEYCLOAK_TLS_KEYSTORE_PASSWORD` was renamed as `KEYCLOAK_TLS_KEY_STORE_PASSWORD`.
+  - `KEYCLOAK_TLS_TRUSTSTORE_PASSWORD` was renamed as `KEYCLOAK_TLS_TRUST_STORE_PASSWORD`.
+- HTTPS/TLS can now be configured using PEM certificates.
+- Added support to add SPI truststore file.
+
 ### 17-debian-10

 Keycloak 17 is powered by Quarkus and to deploy it in production mode it is necessary to set up TLS.
@@ -222,7 +243,7 @@ To do this you need to set `KEYCLOAK_PRODUCTION` to **true** and configure TLS

 ## Contributing

-We'd love for you to contribute to this container. You can request new features by creating an [issue](https://github.com/bitnami/containers/issues), or submit a [pull request](https://github.com/bitnami/containers/pulls) with your contribution.
+We'd love for you to contribute to this container. You can request new features by creating an [issue](https://github.com/bitnami/containers/issues) or submitting a [pull request](https://github.com/bitnami/containers/pulls) with your contribution.

 ## Issues