Allowing https Repositories with Self-Signed CertificateΒΆ
Warning
The use of self-signed certificate can create security risks.
The following command allows you to add self-signed certificates (exposed by your repositories) as trusted into the UForge server.
- Download the SSL self-signed certificate from the server (repository) you want to populate using the following command:
$ echo -n | openssl s_client -connect localhost:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/cert.crt
- Recreate the CA file on your UForge platform (containing all trusted CA):
$ cp /tmp/cert.crt /etc/pki/ca-trust/source/anchors/ $ update-ca-trust $ update-ca-trust enable
Create a link to use the system java keystore instead of the jre default keystore:
$ ln -s /etc/pki/java/cacerts /usr/java/latest/jre/lib/security/cacertsThe default password is
changeit
.