DETAILED ACTION
Office Action Summary
Claims 1-20 are pending in the instant application.
Claims 1-20 are rejected under 35 USC § 102.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –
(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claims 1-20 are rejected under 35 U.S.C. 102(a) (2) as being anticipated by Lev-Ran et al. (US Pre-Grant Publication No: 2019/0347406) hereinafter referred to as Lev-Ran.

claim 1, Lev-Ran teaches A system comprising: a processor; (Lev-Ran, figure 2, item 302)
and a memory coupled to the processor, wherein the memory is to store a digital certificate, (Lev-Ran, figure 2, item 322, teaches a storage device which generates and injects certificates, i.e. it stores a certificate even if temporarily after creation before injection)
the digital certificate is usable to establish a trusted communication between a service deployed in a container and a software program, (Lev-Ran, [0011], teaches secure end-to-end communication, also examiner would like to note that this is an intended use/not positively recited limitation and has no patentable weight)
the container is external to the memory, and (Lev-Ran, figure 2, item 320, teaches an external computing device)
the memory comprises instructions executable by the processor to: inject the digital certificate from the memory into a certificate storage location (CSL) of the container, (Lev-Ran, [0034 ]and [0066], and figure 3, teaches “When a new application container is started, the generated certificate may be injected into all predefined certificate locations in the container by any of the mechanisms described below.”)
the CSL being a location in the container designated for storing digital certificates. (Lev-Ran, [0034]and [0066], and figure 3, teaches “When a new application container is started, the generated certificate may be injected into all predefined certificate locations in the container by any of the mechanisms described below.”, the location where the certificate is stored is the location designated for the certificate)

As per claim 2, Lev-Ran teaches The system of claim 1, wherein the instructions are executable to inject the digital certificate into the container in response to initialization of the container. (Lev-Ran, [0034] and [0066], teaches “When a new application container is started, the generated certificate may be injected into all predefined certificate locations in the container by any of the mechanisms described below.”)

As per claim 3, Lev-Ran teaches The system of claim 2, wherein to inject the digital certificate into the container in response to initialization of the container, the instructions are executable by the processor to: receive a pod creation event indicating initialization of a pod comprising the container; determine a number of containers in the pod; and inject the digital certificate into each container in the pod. (Lev-Ran, [0032], teaches “In some examples, containers may be organized into pods to explicitly share a network address and a port number space.”, AND (Lev-Ran, [0034] and [0066], teaches “When a new application container is started, the generated certificate may be injected into all predefined certificate locations in the container by any of the mechanisms described below.” So the creation of a container would be a initialization of a pod)

As per claim 4, Lev-Ran teaches The system of claim 1, wherein the instructions are executable to: detect that the memory is updated with the digital certificate; and inject the digital certificate into the container in response to the detection. (Lev-Ran, [0034] and [0066], teaches “When a new application container is started, the generated certificate may be injected into all predefined certificate locations in the container by any of the mechanisms described below.”)

As per claim 5, Lev-Ran teaches The system of claim 4, wherein, to inject the digital certificate into the CSL of the container, the instructions are executable to send an injection command to a hosting system hosting the container, the injection command specifying a name of a pod comprising the container and the CSL. (Lev-Ran, [0032]-[0038], pods contain containers and name information can be included in certificates) 

As per claim 6, Lev-Ran teaches The system of claim 1, wherein the CSL is to be accessed by the service to retrieve digital certificates. (Lev-Ran, [0043])

As per claim 7, Lev-Ran teaches The system of claim 6, wherein the instructions are executable to determine the CSL based on a CSL label of a pod comprising the container. (Lev-Ran, [0032]-[0038], pods contain containers and name information can be included in certificates)

claim 8, Lev-Ran teaches The system of claim 1, wherein the digital certificate is a self-signed digital certificate.  (Lev-Ran, [0037]-[0038], teaches CA signing certificate)

Claims 9-14 teach the method claims that correspond to the system claims 1-8 and are rejected using the same rational.

Claims 15-20 teach the non-transitory computer-readable medium claims that correspond to the system claims 1-8 and are rejected using the same rational.

Other Art of Record
Levin et al. (US Pre-Grant Publication No: 2019/0190931 A1) teaches “In some implementations, encrypted traffic may be intercepted via a serverless defender utilized via loader code injected into a serverless application (e.g., injected into code of the APP container executing the application). An example technique for intercepting traffic at the application level is described further in U.S. patent application Ser. No. 16/144,347, assigned to the common assignee, the contents of which are hereby incorporated by reference. This is performed without deploying additional certificates. In another implementation, encrypted traffic may be intercepted using man-in-the-middle techniques and injecting out a trusted certificate. To this end, in such an implementation, the trusted root certificates are injected into the protected APP container.”
Ishibashi et al. (US Patent No: 7,353,541 B1) teaches “The content provider 2 adds the public key certificate (whose details will be described later) of the content provider 2 to the content provider secure container (whose details will be described later) and sends it to the service provider 3. In addition, the content provider 2 transmits the handling policy and its signature, and the certificate of the content provider 2 to the electronic distribution service center 1, if necessary.”
Ginter et al. (US Pre-Grant Publication No: 2008/012240 A1) teaches “This next participant also adds their own certificate 504(2) to the container 152 (FIG. 51G, block 592).”

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to SIMON P KANAAN whose telephone number is (571)270-3906.  The examiner can normally be reached on M-F (7AM-4PM).
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.  
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Saleh Najjar can be reached on (571) 272-4006.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SIMON P KANAAN/Primary Examiner, Art Unit 2492