2 Copyright (C) The Arvados Authors. All rights reserved.
4 SPDX-License-Identifier: CC-BY-SA-3.0
7 h2(#ca_root_certificate). Install the CA root certificate (SSL_MODE=self-signed only)
9 Arvados uses SSL to encrypt communications. The web interface uses AJAX which will silently fail if the certificate is not valid or signed by an unknown Certification Authority.
11 For this reason, the @arvados-formula@ has a helper state to create a root certificate to authorize Arvados services. The @provision.sh@ script will leave a copy of the generated CA's certificate (@arvados-snakeoil-ca.pem@) in the script's directory so you can add it to your workstation.
13 Installing the root certificate into your web browser will prevent security errors when accessing Arvados services with your web browser.
15 # Go to the certificate manager in your browser.
16 #* In Chrome, this can be found under "Settings → Advanced → Manage Certificates" or by entering @chrome://settings/certificates@ in the URL bar.
17 #* In Firefox, this can be found under "Preferences → Privacy & Security" or entering @about:preferences#privacy@ in the URL bar and then choosing "View Certificates...".
18 # Select the "Authorities" tab, then press the "Import" button. Choose @arvados-snakeoil-ca.pem@
20 The certificate will be added under the "Arvados Formula".
22 To access your Arvados instance using command line clients (such as arv-get and arv-put) without security errors, install the certificate into the OS certificate storage.
27 <pre><code>cp arvados-root-cert.pem /usr/local/share/ca-certificates/
28 /usr/sbin/update-ca-certificates
35 <pre><code>cp arvados-root-cert.pem /etc/pki/ca-trust/source/anchors/
36 /usr/bin/update-ca-trust
projects / arvados.git / blob