Merge pull request #2092 from wazuh/change/6569-nokia-private-key-hardcoded-in-wazuh-manager-image

Removed sslmanager key from the docker manager image

CHANGELOG.md

@@ -9,6 +9,7 @@ All notable changes to this project will be documented in this file.
 
 ### Changed
 
+- Removed sslmanager key from the docker manager image. ([#2092](https://github.com/wazuh/wazuh-docker/pull/2092))
 - Backport 4.13.0 changes: Modify wazuh-keystore use ([#2036](https://github.com/wazuh/wazuh-docker/pull/2036)) \- (wazuh-keystore)
 
 ### Fixed

build-docker-images/wazuh-manager/Dockerfile

@@ -30,7 +30,9 @@ RUN yum install wazuh-manager-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
     -o /tmp/s6-overlay-amd64.tar.gz && \
     tar xzf /tmp/s6-overlay-amd64.tar.gz -C / --exclude="./bin" && \
     tar xzf /tmp/s6-overlay-amd64.tar.gz -C /usr ./bin && \
-    rm  /tmp/s6-overlay-amd64.tar.gz
+    rm  /tmp/s6-overlay-amd64.tar.gz && \
+    rm -f /var/ossec/etc/sslmanager.key && \
+    rm -f /var/ossec/etc/sslmanager.cert
 
 COPY config/etc/ /etc/
 COPY --chown=root:wazuh config/create_user.py /var/ossec/framework/scripts/create_user.py

build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init

@@ -6,8 +6,6 @@ source /permanent_data.env
 
 WAZUH_INSTALL_PATH=/var/ossec
 WAZUH_CONFIG_MOUNT=/wazuh-config-mount
-AUTO_ENROLLMENT_ENABLED=${AUTO_ENROLLMENT_ENABLED:-true}
-
 
 ##############################################################################
 # Aux functions
@@ -209,13 +207,9 @@ main() {
   # Remove some files in permanent_data (i.e. .template.db)
   remove_data_files
 
-  # Generate wazuh-authd certs if AUTO_ENROLLMENT_ENABLED is true and does not exist
-  if [ $AUTO_ENROLLMENT_ENABLED == true ]
+  if [ ! -e ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ]
   then
-    if [ ! -e ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ]
-    then
-      create_ossec_key_cert
-    fi
+    create_ossec_key_cert
   fi
 
   # Mount selected files (WAZUH_CONFIG_MOUNT) to container