From 2d122e1dc9e3c1bce44d8eb7efdb79c0fc04b34e Mon Sep 17 00:00:00 2001
From: Carlos Bordon <carlos.e.bordon@gmail.com>
Date: Wed, 26 Nov 2025 15:22:12 -0300
Subject: [PATCH 1/2] Removed sslmanager key from the docker manager image to
 4.14.2

---
 build-docker-images/wazuh-manager/Dockerfile          |  4 ++++
 .../wazuh-manager/config/etc/cont-init.d/0-wazuh-init | 11 +++--------
 2 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile
index 0433b503..5bc2cd2a 100644
--- a/build-docker-images/wazuh-manager/Dockerfile
+++ b/build-docker-images/wazuh-manager/Dockerfile
@@ -40,6 +40,10 @@ COPY config/filebeat.yml /etc/filebeat/
 
 RUN chmod go-w /etc/filebeat/filebeat.yml
 
+# Remove wazuh-authd default certs to force generation of new ones at container startup
+RUN rm -f /var/ossec/etc/sslmanager.key && \
+    rm -f /var/ossec/etc/sslmanager.cert
+
 ADD https://raw.githubusercontent.com/wazuh/wazuh/$FILEBEAT_TEMPLATE_BRANCH/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat
 RUN chmod go-w /etc/filebeat/wazuh-template.json
 
diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
index ec2903b5..044aee8a 100644
--- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
+++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
@@ -6,8 +6,6 @@ source /permanent_data.env
 
 WAZUH_INSTALL_PATH=/var/ossec
 WAZUH_CONFIG_MOUNT=/wazuh-config-mount
-AUTO_ENROLLMENT_ENABLED=${AUTO_ENROLLMENT_ENABLED:-true}
-
 
 ##############################################################################
 # Aux functions
@@ -215,13 +213,10 @@ main() {
   # Remove some files in permanent_data (i.e. .template.db)
   remove_data_files
 
-  # Generate wazuh-authd certs if AUTO_ENROLLMENT_ENABLED is true and does not exist
-  if [ $AUTO_ENROLLMENT_ENABLED == true ]
+  # Create wazuh-authd key and cert if not present
+  if [ ! -e ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ]
   then
-    if [ ! -e ${WAZUH_INSTALL_PATH}/etc/sslmanager.key ]
-    then
-      create_ossec_key_cert
-    fi
+    create_ossec_key_cert
   fi
 
   # Mount selected files (WAZUH_CONFIG_MOUNT) to container

From 0602ce076d4a4df418aed186c312c69758e332ba Mon Sep 17 00:00:00 2001
From: Carlos Bordon <carlos.e.bordon@gmail.com>
Date: Wed, 26 Nov 2025 16:55:29 -0300
Subject: [PATCH 2/2] Updated changelog

---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b8e66bd8..dfb32ae0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,7 +10,7 @@ All notable changes to this project will be documented in this file.
 
 ### Changed
 
-- None
+- Removed sslmanager key from the docker manager image to 4.14.2. ([#2093](https://github.com/wazuh/wazuh-docker/pull/2093))
 
 ### Fixed