Allowing https Repositories with Self-Signed Certificate¶
The use of self-signed certificate can create security risks.
The following command allows you to add self-signed certificates (exposed by your repositories) as trusted into the UForge server.
- Download the SSL self-signed certificate from the server (repository) you want to populate using the following command:$ echo -n | openssl s_client -connect localhost:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/cert.crt
- Recreate the CA file on your UForge platform (containing all trusted CA):$ cp /tmp/cert.crt /etc/pki/ca-trust/source/anchors/ $ update-ca-trust $ update-ca-trust enable
Create a link to use the system java keystore instead of the jre default keystore:$ ln -s /etc/pki/java/cacerts /usr/java/latest/jre/lib/security/cacerts
The default password is