Story
As a DHC user I would like to be able to re-use the same certificates for the DCH as the VCH

Details
The documentation says (correctly) that to use existing certificates you must copy the following files into the DCH container before start:

• /certs/docker.crt
• /certs/docker.key
• /certs/ca.pem

However the code requires that an additional three certificates be present which are not required and SHOULD NOT be present in a server (see

Workaround
The vch folder in the docker cp commands below is the VCH certificate directory that holds the generated certificates. The VCH is configured with tlsverify and the environment is configured with DOCKER_HOST, DOCKER_TLS_VERIFY, and DOCKER_CERT_PATH.

$ echo $DOCKER_HOST
192.168.78.127:2376
$ docker create --name build-slave -p 12376:2376 vmware/dch-photon:1.13 -tlsverify
$ docker cp vch/ca.pem build-slave:/certs/ca.crt
$ docker cp vch/server-key.pem build-slave:/certs/docker.key
$ docker cp vch/server-cert.pem build-slave:/certs/docker.crt
$
$ # work around the check for files that are not needed
$ touch vch/tmp
$ docker cp vch/tmp build-slave:/certs/ca-key.pem
$ docker cp vch/tmp build-slave:/certs/docker-client.key
$ docker cp vch/tmp build-slave:/certs/docker-client.crt
$
$ docker start build-slave
$ docker -H $(docker port build-slave 2376) --tlsverify info
....