To get the GSA's freshly-created certificate so that you can add it as a trusted host for the connector, follow the procedure for your preferred browser or for the command line.
Firefox
- Navigate to the GSA's secure search at https://gsa.example.local/.
- A warning page appears with the message, This Connection is Untrusted.
This message appears because the certificate is self-signed and not signed by a trusted Certificate Authority.
- Click I Understand the Risks and then click Add Exception.
- Wait until the View... button is clickable, and then click it.
- Go to the Details tab and click Export....
- Save the certificate in your connector's directory with the name gsa.crt.
- Click Close, and then click Cancel to close the windows.
Chrome
- Navigate to the GSA's secure search at https://gsa.example.local/.
A warning page appears with the message, Your Connection is not private!
- Go to the Three Dots Menu -> More Tools -> Developer Tools. Or press F12 to enter Chrome "Developer Mode"
- Click on the Security Tab, and press on "View certificate" button.
-
Go to the Details tab. Click on the certificate's icon in the trust hierarchy. Click Export....
- Save the certificate in your connector's directory with the name gsa.crt.
- Click Close, and then click Cancel to close the windows.
OpenSSL (command-line)
- Execute the following command:
openssl s_client -connect gsahostname:443 < /dev/null - Copy the section that begins with
-----BEGIN CERTIFICATE-----and ends with-----END CERTIFICATE-----(including the BEGIN and END CERTIFICATE portions) into a new file. - Save the file in your connector's directory with the name gsa.crt.
