From 7cf6829eb0dcdcf14751b1333b1bb0d91bf302ee Mon Sep 17 00:00:00 2001
From: kh-amir-tn <amir.khemissi@insat.u-carthage.tn>
Date: Fri, 10 Dec 2021 15:45:34 +0100
Subject: [PATCH] GIT-2927: Fixed Greenlight doesn't handle the Let's Encrypt
 CA switch (Fixes #2927)

---
 Dockerfile | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index c350ef870d..09ae4fa25f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -65,10 +65,13 @@ ENV VERSION_CODE=$version_code
 
 # Set executable permission to start file
 RUN chmod +x bin/start
-
-# FIXME / to remove / https://github.com/nahi/httpclient/issues/445
-RUN cat /etc/ssl/certs/ca-certificates.crt \
-    >/usr/src/app/vendor/bundle/ruby/2.7.0/gems/httpclient-2.8.3/lib/httpclient/cacert.pem
-
+# Update HTTPClient cacert.pem with the latest Mozilla cacert.pem
+RUN wget https://curl.se/ca/cacert.pem https://curl.se/ca/cacert.pem.sha256 -P /tmp
+RUN cd /tmp && sha256sum cacert.pem > cacert.pem.sha256sum && cd ${RAILS_ROOT}
+RUN diff /tmp/cacert.pem.sha256sum /tmp/cacert.pem.sha256
+RUN mv -v /tmp/cacert.pem $(bundle info httpclient --path)/lib/httpclient/ && rm -v /tmp/cacert*
+
+# Update Openssl certs [This is for Faraday adapter for Net::HTTP]
+RUN [[ $(id -u) -eq 0 ]] && update-ca-certificates
 # Start the application.
 CMD ["bin/start"]