Need help with other JFrog products?
JFrog Enterprise+
JFrog Mission Control
JFrog Xray
JFrog Distribution
[JFrog Pipelines]
JFrog Bintray
JFrog Access
JFrog CLI
...
width | 75% |
---|
...
For outbound Artifactory connections (remote repositories, external authentication servers...) intended for SSL self-signed/internal CA signed certificates URL endpoints, you may use use one of the following ways to establish trusts based on your certificates:
Download/acquire the certificate(s) of the SSL secured server openssl s_client -connect <secure authentication server IP and port> -showcerts < /dev/null > server.ca.
Info | ||
---|---|---|
| ||
RED HAT CDN openssl s_client -connect cdn.redhat.com:443 -showcerts < /dev/null > server.ca LDAP or Active Directory:
|
cacerts
file of your Java installationcacerts
file by copying the cacerts
file to the Artifactory configuration dir. This may vary depending on the installation and its usually under JAVA_HOME/jre/lib/security.Example : cp /usr/lib64/jvm/java-1_6_0-ibm-1.6.0/jre/lib/security/cacerts /etc/opt/jfrog/artifactory/
keytool -import -alias myca -keystore /etc/opt/jfrog/artifactory/cacerts -trustcacerts -file server.ca
=> Password: changeit
=> Agree to add the certificate
artifactory
userchmod 755 /etc/opt/jfrog/artifactory/cacerts
chown artifactory:users /etc/opt/jfrog/artifactory/cacerts
cacerts
file OR you could change the startup script to include the cacerts in the JAVA_OPTIONS.echo "export JAVA_OPTIONS=\"\$JAVA_OPTIONS -Djavax.net.ssl.trustStore=/etc/opt/jfrog/artifactory/cacerts\"" >> /etc/opt/jfrog/artifactory/default