CLD-3rd · HeoJunHyoung · Aug 19, 2025 · Aug 19, 2025 · Aug 19, 2025 · Aug 19, 2025
diff --git a/Dockerfile b/Dockerfile
@@ -1,3 +1,16 @@
-FROM openjdk:17
+FROM openjdk:17-slim
+
+# 작업 디렉토리 설정
+WORKDIR /app
+
+# PEM 인증서를 시스템 CA 위치에 복사 (확장자 꼭 .crt여야 함)
+COPY src/main/resources/certs/rds-combined-ca-bundle.pem /usr/local/share/ca-certificates/rds-combined-ca-bundle.crt
+
+# 시스템 CA 목록 갱신 (PEM → 시스템 신뢰 CA로 등록)
+RUN apt-get update && apt-get install -y ca-certificates && update-ca-certificates
+
+# JAR 복사
 COPY build/libs/app.jar app.jar
+
+# 앱 실행
 ENTRYPOINT ["java", "-jar", "app.jar"]
diff --git a/src/main/java/com/goteego/global/security/SecurityConfig.java b/src/main/java/com/goteego/global/security/SecurityConfig.java
@@ -119,13 +119,30 @@ public SecurityFilterChain apiSecurityFilterChain(HttpSecurity http) throws Exce
     @Bean
     public CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration configuration = new CorsConfiguration();
-        configuration.setAllowedOriginPatterns(frontendProperties.getCors().getAllowedOriginPatterns());
+        configuration.setAllowedOrigins(List.of(
+                "https://www.goteego.store",
+                "https://dev.goteego.store"
+        ));
         configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
         configuration.setAllowedHeaders(List.of("Authorization", "Content-Type"));
         configuration.setAllowCredentials(true);
         configuration.setMaxAge(3600L);
+
         UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
         source.registerCorsConfiguration("/**", configuration);
         return source;
     }
+
+//    @Bean
+//    public CorsConfigurationSource corsConfigurationSource() {
+//        CorsConfiguration configuration = new CorsConfiguration();
+//        configuration.setAllowedOriginPatterns(frontendProperties.getCors().getAllowedOriginPatterns());
+//        configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS"));
+//        configuration.setAllowedHeaders(List.of("Authorization", "Content-Type"));
+//        configuration.setAllowCredentials(true);
+//        configuration.setMaxAge(3600L);
+//        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+//        source.registerCorsConfiguration("/**", configuration);
+//        return source;
+//    }
 }
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -66,6 +66,8 @@ spring:
       client-name: default
       password: ${REDIS_PASSWORD:}
       timeout: 2000
+      ssl:
+        enabled: false
       lettuce:
         pool:
           max-active: 8
@@ -77,7 +79,7 @@ spring:
     # ✅ MongoDB 설정
     ########################################
     mongodb:
-      uri: "mongodb://${MONGO_USERNAME}:${MONGO_PASSWORD}@${MONGO_HOST:localhost}:${MONGO_PORT:27017}/${MONGO_DATABASE}?tls=true&replicaSet=rs0&readPreference=secondaryPreferred&retryWrites=false&authSource=${MONGO_AUTH_DB:admin}"
+      uri: "mongodb://${MONGO_USERNAME}:${MONGO_PASSWORD}@${MONGO_HOST}:${MONGO_PORT}/${MONGO_DATABASE}?tls=true&tlsAllowInvalidHostnames=true&replicaSet=rs0&readPreference=secondaryPreferred&retryWrites=false&authSource=${MONGO_AUTH_DB:admin}"
 
   ########################################
   # ✅ Devtools 설정