Setting up SSL for SCM-Manager with Microsoft CA and TortoiseHg
You can configure SSL for SCM-Manager so that the communication of your repositories are encrypted.
Recommend doing the certificate things on a non-Server-OS PC
- Get JDK, the installation help can be found here
- Create a public/private key pair in a keystore
keytool -genkey -keyalg RSA -alias scm -keystore keystore.jks
- Then you will be asked to provide the password to protect the keystore, and info about your organization, at last, type
yes
to confirm the creation.
- Request a trusted certificate
keytool -certreq -alias scm -keystore keystore.jks -file scm.csr
- Open
scm.csr
with Notepad and copy its the content - Login to your CA server, for example: https://CA/certsrv/
- Click Request a certificate
- Click advanced certificate request
- Click Submit a certificate request by using a base-64-encoded ..
- Paste the content into Base-64-encoded certificate request
- Choose Web Server for Certificate Template
- Click the Submit button
- The default DER encode is fine, download the certificate file, name it
scm.cer
- Also, download the CA certificate, name it
rootCA.cer
- Import both CA and the requested certificate into keystore
keytool -import -alias root -file rootCA.cer -keystore keystore.jks
keytool -import -alias scm -file scm.cer -keystore keystore.jks
Now you can copy the keystore.jks
file to the server under D:\scm-server\conf
, and start configuring Jetty
- Edit the
server-config.xml
file- Uncomment the
SSL-Connector
section - Specify passwords to the
keystore.jks
file, they can be in clear text, obfuscated, checksummed or encrypted
- Uncomment the
- Restart the
scm-server
service
Configuring TortoiseHg
When saving the path, choose Verify with stored host fingerprint in the Security window, and click the Query button.
References:
https://support.quest.com/SolutionDetail.aspx?id=SOL86932
https://bitbucket.org/sdorra/scm-manager/wiki/scm-server-ssl
http://mercurial.selenic.com/wiki/CACertificates
https://bitbucket.org/tortoisehg/thg/issue/63/cannot-pull-push-to-https-server-with-self
Setting up SSL for SCM-Manager with Microsoft CA and TortoiseHg的更多相关文章
- androidstudio连接SCM Manager上的Git库
1.在SCM Manager里创建一个Git库 在androidstudio里选中从版本控制里导入 输入git库的地址,接下来一路点击下一步 完成之后会可以在工程里创建文件或者从别的地方把完整项目拷贝 ...
- last error : SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate veri
今天在用搜狐提供的邮件群发系统的sdk,做发送邮件的测试时,提示: last error : SSL certificate problem, verify that the CA cert is O ...
- Configuring SSL on Enterprise Manager and the SLB (Release 12.1.0.2 and later)
From: http://docs.oracle.com/html/E24089_42/ha_setup.htm#sthref833 If the SLB is configured to use T ...
- git clone 出错SSL certificate problem, verify that the CA cert is OK.
先调用这个 export GIT_SSL_NO_VERIFY=true 之后再执行git clone
- Hadoop生态圈-使用FreeIPA安装Kerberos和LDAP
Hadoop生态圈-使用FreeIPA安装Kerberos和LDAP 作者:尹正杰 版权声明:原创作品,谢绝转载!否则将追究法律责任. 有些大数据平台只是简单地通过防火墙来解决他们的网络安全问题.十分 ...
- 微软企业库5.0 学习之路——第八步、使用Configuration Setting模块等多种方式分类管理企业库配置信息
在介绍完企业库几个常用模块后,我今天要对企业库的配置文件进行处理,缘由是我打开web.config想进行一些配置的时候发现web.config已经变的异常的臃肿(大量的企业库配置信息充斥其中),所以决 ...
- 配置oracle的ssl连接
配置oracle的ssl连接 网上也没有中文资料,我硬着头皮看官方文档肯完,终于配置成功,下面是我配置步骤 配置安全套接层连接oracle 目录 1. 配置简介 1 2 ...
- 新版Microsoft Azure Web管理控制台 - Microsoft Azure New Portal - (3)
之前我们多次提到过Resource Manager,也知道Resource Manager是Microsoft Azure提供的一种新型资源管理模式.在Service Management模式(Cla ...
- SSL/TLS加密传输与数字证书解读
什么是ssl? secure socket layer(ssl)协议最初由netscape企业发展,现已成为网络用来鉴别网站和网页浏览者身份,以及在浏览器使用者及网页服务器之间进行加密通讯的全球化标准 ...
随机推荐
- 拦截js方法备忘录
很明显,以下代码拦截了fusion2.dialog.invite,然后在页面执行fusion2.dialog.invite方法的时候修改了参数中的img. <script> var old ...
- Xcode 升级成Xcode 8 版本以后,出现 Signing for "sqlite3--test" requires a development team. 问题的解决
升级xcode到8版本以后,工程文件会出现以下提示 解决办法就是,点击Team,添加自己的appid,然后选择自己的appid即可, 注意: 这里不需要开发者账号,自己的 apple id,就可以”:
- testlink简单部署
CentOS+LAMP+testlink 环境 系统 CentOS6.5 软件 testlink-1.9.14 IP 192.168.0.158 部署 LAMP环境搭建 remi配置 wget htt ...
- Bootstrap自带的一些预定义的按钮颜色
浅蓝色 btn-info 被用在那些用户可能会采取的操作上. 红色btn-danger被用来提醒用户该操作具有“破坏性”,例如删除一张猫的图片.
- lockfree
为什么要lockfree 按我的理解, lockfree就是不去 调用操作系统给定的锁机制. 1. 会有system call, and system call is expensive; 比如pt ...
- mac os 体验
苹果电脑和苹果手机不同,不需要苹果ID就可以使用. 之后依次安装xcode, visual studio code, flash player. eclipse 还没有安装成功.
- 我的github代码库
我的github代码库地址:https://github.com/gooree.Enjoy coding,enjoy sharing.
- C# final project
Problem Statement You are tasked with developing a task manager. The task manager will allow people ...
- CreateCompatibleDC 与 CreateCompatibleBitmap 小小结
通常使用CreateCompatibleBitmap时候都会用到CreateCompatibleDC.而是用CreateCompatibleDC的目的不是为CreateCompatibleBitmap ...
- windows编程:第一个windows程序
#define WIN32_LEAN_AND_MEAN #include <windows.h> #include <windowsx.h> #include <math ...