main
ROOT /
pages /
trust-self-signed-certificate.md
22 lines | ISO-8859-1 | 1 KB

Trust Self Signed Certificate


In case a self-signed certificate is used in reverse proxy setup, OneDev should be configured to trust the certificate, otherwise, builds running in Kubernetes cluster will have issues talking to OneDev server

  1. If you are running OneDev as docker container:

    • Copy the public certificate in PEM format into a folder on host machine, say /path/to/trust-certs
    • Restart OneDev container with below command:

      docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(which docker):/usr/bin/docker -v $(pwd)/onedev:/opt/onedev -v /path/to/trust-certs:/opt/onedev/conf/trust-certs -e trust_certs=trust-certs -p 6610:6610 -p 6611:6611 1dev/server
      
  2. If you are deploying OneDev into Kubernetes:

    • Edit /path/to/k8s-resources/trust-certs/kustomization.yaml to add absolute path to public certificate in PEM format under files section
    • Run command kubectl apply -k . from directory /path/to/k8s-resources/trust-certs to apply the change
  3. If you are running OneDev on bare metal machine:

    • Copy the public certificate in PEM format into folder /opt/ondev/conf/trust-certs (assume OneDev is installed at /opt/onedev, same as below)
    • Edit file /opt/onedev/conf/server.properties to uncomment property trust_certs:

      trust_certs=trust-certs
      
    • Restart OneDev server to take the change into effect
Please wait...
Page is in error, reload to recover