Jmix 1.6.1 / IntelliJ 2024.1.3 on MacOS here. Quick deployment to AWS is failing with error “PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed” and a “NotAfter” due to expired certificate when connecting to docker daemon on AWS.
How can the certificate be renewed deploying on the same AWS instance using the quick deploy option?
I found how server and client certificates can be created on Protect the Docker daemon socket | Docker Docs . The new server certificates will be stored at the location specified in daemon.json on the AWS instance. However, where do the client certificates have to be updated? In other words, where does Jmix/IntelliJ store the docker TLS client certificates when using the quick deployment to AWS option?
Thanks for your reply. However, the issue is not with the AWS certificate but with the docker daemon certificates. The serve certificates can be renewed easily on the AWS instance (the location is stated in domain.json). The question is where the client certificate is located that jmix uses when deploying to the docker daemon on AWS?
Finally was able to resolve the issue. For anyone interested:
The IntelliJ IDEA server configurations are stored in the following xml file (MacOS):
~/Library/Application Support/JetBrains/${IDEA_VERSION}/options/remote-servers.xml
In this file, the location of the Docker TLS certificates can be found under the dockerCertsPath option of the respective configuration tag of the respective remote-server tag:
~/Library/Application Support/jmix/aws/instances/instance_${INSTANCE_ID}/sslCerts
After renewing the certificates of the docker daemon on the AWS instance and the client certificates at the mentioned location using the official instructions found on Protect the Docker daemon socket | Docker Docs everything runs smoothly now.