Export a self-signed certificate from the GSA

To get the GSA's freshly-created certificate so that you can add it as a trusted host for the connector, follow the procedure for your preferred browser or for the command line.

Firefox

1. Navigate to the GSA's secure search at https://gsa.example.local/.
2. A warning page appears with the message, This Connection is Untrusted.

   This message appears because the certificate is self-signed and not signed by a trusted Certificate Authority.

3. Click I Understand the Risks and then click Add Exception.

   

4. Wait until the View... button is clickable, and then click it.

   

5. Go to the Details tab and click Export....

   

6. Save the certificate in your connector's directory with the name gsa.crt.
7. Click Close, and then click Cancel to close the windows.

Chrome

1. Navigate to the GSA's secure search at https://gsa.example.local/.

   A warning page appears with the message, Your Connection is not private!

2. Go to the Three Dots Menu -> More Tools -> Developer Tools. Or press F12 to enter Chrome "Developer Mode"
3. Click on the Security Tab, and press on "View certificate" button.

4. Go to the Details tab. Click on the certificate's icon in the trust hierarchy. Click Export....

5. Save the certificate in your connector's directory with the name gsa.crt. 
6. Click Close, and then click Cancel to close the windows.

OpenSSL (command-line)

1. Execute the following command:
   openssl s_client -connect gsahostname:443 < /dev/null
2. Copy the section that begins with -----BEGIN CERTIFICATE----- and ends with -----END CERTIFICATE----- (including the BEGIN and END CERTIFICATE portions) into a new file.

   

3. Save the file in your connector's directory with the name gsa.crt.