In Memoriam: Tai'lahr
OpenUru.org, along with the rest of the Mystonline community, is mourning the loss of Tai'lahr on October 16th, 2019.
Rest in Peace, friend.
Difference between revisions of "Foundry Certificate Installation"
m (→TortoiseHg 2.0.x (Mercurial): Minor formatting) |
(Foundry now uses a LetsEncrypt certificate) |
||
| (5 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
| − | {{ | + | {{Outdated|reason=Foundry now uses a LetsEncrypt certificate}} |
| + | |||
| + | <br> | ||
| + | '''Notice: This document is outdated. The Foundry now uses a LetsEncrypt certificate''' | ||
| + | |||
The OpenUru.org Foundry tools such as JIRA bugtracking use SSL (Secure Sockets Layer) to encrypt transactions and to give confidence that you are connected to the correct server. Currently, this is a "self-signed" certificate and not one that has been validated by the main certificate authorities, so most browsers will display a warning when you navigate to one of the Foundry pages. | The OpenUru.org Foundry tools such as JIRA bugtracking use SSL (Secure Sockets Layer) to encrypt transactions and to give confidence that you are connected to the correct server. Currently, this is a "self-signed" certificate and not one that has been validated by the main certificate authorities, so most browsers will display a warning when you navigate to one of the Foundry pages. | ||
| Line 31: | Line 35: | ||
=== Google Chrome === | === Google Chrome === | ||
Chrome (under Microsoft Windows) uses the same certificate store as Internet Explorer, so the process is very similar: Click on the following link: [http://foundry.openuru.org/assets/Foundry/foundry.crt Foundry Certificate] | Chrome (under Microsoft Windows) uses the same certificate store as Internet Explorer, so the process is very similar: Click on the following link: [http://foundry.openuru.org/assets/Foundry/foundry.crt Foundry Certificate] | ||
| − | The "Downloads" popup will appear along with another window asking if you want to open or save the file "foundry.crt". Click "Open" and a new popup will appear titled "File Download - Security Warning". Click "Open" and the certificate details will be displayed in a new popup wher you can inspect them. On the "General" tab, click "Install Certificate...". When the Certificate Import Wizard appears click "Next>", then on the Certificate Store page select "Automatically select the certificate store based on the type of certificate" and click "Next>" and then "Finish". Another popup will appear titled "Security Warning" and asking "Do you want to install this certificate?" - Click "Yes". You should get a message telling you that the import was successful. Click "OK" on any remaining dialog boxes. The certificate is now installed, and when visiting the Foundry | + | The "Downloads" popup will appear along with another window asking if you want to open or save the file "foundry.crt". Click "Open" and a new popup will appear titled "File Download - Security Warning". Click "Open" and the certificate details will be displayed in a new popup wher you can inspect them. On the "General" tab, click "Install Certificate...". When the Certificate Import Wizard appears click "Next>", then on the Certificate Store page select "Automatically select the certificate store based on the type of certificate" and click "Next>" and then "Finish". Another popup will appear titled "Security Warning" and asking "Do you want to install this certificate?" - Click "Yes". You should get a message telling you that the import was successful. Click "OK" on any remaining dialog boxes. The certificate is now installed, and when visiting the Foundry the padlock symbol on the left of the URL bar should turn green. However, you may need to restart your browser before the certificate is recognized. |
=== Apple Safari === | === Apple Safari === | ||
| Line 38: | Line 42: | ||
=== Opera === | === Opera === | ||
| − | + | Using the Opera browser to access an SSL page on the Foundry will cause the browser to raise a "Security Issue" popup box. The text in this box says ''The server's certificate chain is incomplete, and the signer(s) are not registered. Accept?'' You can examine the description of the certificate with the "Security" tab on this popup. If you are satisfied with the information and wish to use the certificate, click the ''Approve'' button, and the certificate will be stored in Opera's trusted certificate list, and you will be able to browse secured pages from the Foundry. | |
| + | |||
| + | If you wish to manually install the certificate in Opera, click on the certificate link: [http://foundry.openuru.org/assets/Foundry/foundry.crt Foundry Certificate]. A "Install Certificate" popup window will appear, showing the certificate from '''foundry.openuru.org''' You can click the "View" button to display information about the certificate. You can then click the "Install" button to install the certificate or "Cancel" to ignore the certificate and not change Opera's certificate list. | ||
== Repository Installation == | == Repository Installation == | ||
| Line 53: | Line 59: | ||
# In the last box on that line put the project name (e.g CWE) see the [http://www.openuru.org/pages/Development.php Development] page under Foundry Repositories | # In the last box on that line put the project name (e.g CWE) see the [http://www.openuru.org/pages/Development.php Development] page under Foundry Repositories | ||
# Now click on the '''Padlock Button''' next to the drop down box | # Now click on the '''Padlock Button''' next to the drop down box | ||
| − | # Choose the second option '''Verify with stored host fingerprint (good)''' under Secure HTTPS Connection and Click '''Query''' The fingerprint is (as of this writing) <code>32:1b:b2:1c:9a:fe:d9:17:b0:78:76:ea:87:68:ad:1a:34:ab:a8:8e</code> | + | # Choose the second option '''Verify with stored host fingerprint (good)''' under Secure HTTPS Connection and Click '''Query'''. The fingerprint is (as of this writing): <code>32:1b:b2:1c:9a:fe:d9:17:b0:78:76:ea:87:68:ad:1a:34:ab:a8:8e</code> |
# Put your Username (all lowercase) and Password for your JIRA Account in the appropriate boxes and click '''Save''' | # Put your Username (all lowercase) and Password for your JIRA Account in the appropriate boxes and click '''Save''' | ||
# On the right hand side of the screen is a '''Save''' button click it and the Save on the window that pops up | # On the right hand side of the screen is a '''Save''' button click it and the Save on the window that pops up | ||
| Line 64: | Line 70: | ||
=== TortoiseSVN (Subversion) === | === TortoiseSVN (Subversion) === | ||
There is no requirement to install the certificate for TortoiseSVN. | There is no requirement to install the certificate for TortoiseSVN. | ||
| + | |||
| + | === MacHg (Mercurial) === | ||
| + | # Append the certificate to the end of your ~/Library/Application Support/MacHg/TrustedCertificates.pem file. | ||
Latest revision as of 15:47, 7 July 2019
Notice: This document is outdated. The Foundry now uses a LetsEncrypt certificate
The OpenUru.org Foundry tools such as JIRA bugtracking use SSL (Secure Sockets Layer) to encrypt transactions and to give confidence that you are connected to the correct server. Currently, this is a "self-signed" certificate and not one that has been validated by the main certificate authorities, so most browsers will display a warning when you navigate to one of the Foundry pages.
You can avoid these warnings by installing the certificate in your browser's certificate store. This can be done when you first visit the foundry, but the methods vary greatly across browsers. It is perhaps easier to manually install the certificate before visting the Foundry. The certificate will also need to be installed in repository tools (Mercurial or Subversion) if you intend using SSL to access the Foundry repositories.
The instructions given here relate to the Windows versions of the applications.
Obtaining the Certificate
(For manual installation into applications not listed below)
Download a copy of the certificate using this link: Foundry Certificate
Browser Installation
Please read the instructions so you know what to do before clicking on the link to the certificate, or right click the link and open it in a new tab or window.
Firefox
Click on the following link: Foundry Certificate A popup will appear titled "Downloading Certificate". Mark the check box for "Trust this CA to identify web sites" then click "OK" (you may wish to click "View" to check the certificate details first). The certificate is now installed, and when visiting the Foundry you should see the padlock symbol at the bottom right of your browser: hovering the mouse pointer over this should show "Authenticated by OpenUru.org"
Note: Firefox 3.6.0 contains a bug which may cause loss of data when using JIRA - users should upgrade their Firefox installation to 3.6.2 or later.
Internet Explorer
Click on the following link: Foundry Certificate A popup will appear titled "File Download - Security Warning". Click "Open" and the certificate details will be displayed in a new popup wher you can inspect them. On the "General" tab, click "Install Certificate...". When the Certificate Import Wizard appears click "Next>", then on the Certificate Store page select "Automatically select the certificate store based on the type of certificate" and click "Next>" and then "Finish". Another popup will appear titled "Security Warning" and asking "Do you want to install this certificate?" - Click "Yes". You should get a message telling you that the import was successful. Click "OK" on any remaining dialog boxes. The certificate is now installed, and when visiting the Foundry you should see the padlock symbol to the right of the URL bar with a blue background.
Note: If you install the certificate using Internet Explorer as described above, then you should find that the certificate will automatically be trusted by Safari and Chrome browsers on the same machine, since both of these use the Windows Internet Settings.
Google Chrome
Chrome (under Microsoft Windows) uses the same certificate store as Internet Explorer, so the process is very similar: Click on the following link: Foundry Certificate The "Downloads" popup will appear along with another window asking if you want to open or save the file "foundry.crt". Click "Open" and a new popup will appear titled "File Download - Security Warning". Click "Open" and the certificate details will be displayed in a new popup wher you can inspect them. On the "General" tab, click "Install Certificate...". When the Certificate Import Wizard appears click "Next>", then on the Certificate Store page select "Automatically select the certificate store based on the type of certificate" and click "Next>" and then "Finish". Another popup will appear titled "Security Warning" and asking "Do you want to install this certificate?" - Click "Yes". You should get a message telling you that the import was successful. Click "OK" on any remaining dialog boxes. The certificate is now installed, and when visiting the Foundry the padlock symbol on the left of the URL bar should turn green. However, you may need to restart your browser before the certificate is recognized.
Apple Safari
On Microsoft Windows, Safari uses the same certificate store as Internet Explorer, so the process is very similar: Click on the following link: Foundry Certificate The "Downloads" popup will appear along with another window asking if you want to open or save the file "foundry.crt". Click "Open" and a new popup will appear titled "File Download - Security Warning". Click "Open" and the certificate details will be displayed in a new popup wher you can inspect them. On the "General" tab, click "Install Certificate...". When the Certificate Import Wizard appears click "Next>", then on the Certificate Store page select "Automatically select the certificate store based on the type of certificate" and click "Next>" and then "Finish". Another popup will appear titled "Security Warning" and asking "Do you want to install this certificate?" - Click "Yes". You should get a message telling you that the import was successful. Click "OK" on any remaining dialog boxes. The certificate is now installed, and when visiting the Foundry you should see the padlock symbol to the right of the URL bar.
Opera
Using the Opera browser to access an SSL page on the Foundry will cause the browser to raise a "Security Issue" popup box. The text in this box says The server's certificate chain is incomplete, and the signer(s) are not registered. Accept? You can examine the description of the certificate with the "Security" tab on this popup. If you are satisfied with the information and wish to use the certificate, click the Approve button, and the certificate will be stored in Opera's trusted certificate list, and you will be able to browse secured pages from the Foundry.
If you wish to manually install the certificate in Opera, click on the certificate link: Foundry Certificate. A "Install Certificate" popup window will appear, showing the certificate from foundry.openuru.org You can click the "View" button to display information about the certificate. You can then click the "Install" button to install the certificate or "Cancel" to ignore the certificate and not change Opera's certificate list.
Repository Installation
TortoiseHg 2.0.x (Mercurial)
If you have tried to use the "Clone Repository" command to create the Mercurial repository and found that it came back with an error like "SSL: Server certificate verify failed" then try the steps below.
- Open TortoiseHg Workbench
- Click on New Repository in the File Menu
- Browse to the folder that you want to save the source to. This folder must be empty.
- Now the buttons on the toolbar close to the top of the window should be lit up.
- Select the green recycle-like icon that will bring up the synchronize settings in the lower part of the screen under Remote Repository
- In the drop down box select: https
- In the first box put foundry.openuru.org/hg
- In the last box on that line put the project name (e.g CWE) see the Development page under Foundry Repositories
- Now click on the Padlock Button next to the drop down box
- Choose the second option Verify with stored host fingerprint (good) under Secure HTTPS Connection and Click Query. The fingerprint is (as of this writing):
32:1b:b2:1c:9a:fe:d9:17:b0:78:76:ea:87:68:ad:1a:34:ab:a8:8e - Put your Username (all lowercase) and Password for your JIRA Account in the appropriate boxes and click Save
- On the right hand side of the screen is a Save button click it and the Save on the window that pops up
- On the same toolbar used in step 5. Click on the button with the two yellow cylinders and the green arrow pointing towards you. This is the Pull incoming changes button.
- After the download is complete you must update the local repository before being able to use it. Open the Output Log either by using Ctrl + L or in the View menu as Show Output Log
- After the % sign on the last line of the Output Log type:
hg update - You should get a command completed successfully line.
- You are now ready to work on/view the code.
TortoiseSVN (Subversion)
There is no requirement to install the certificate for TortoiseSVN.
MacHg (Mercurial)
- Append the certificate to the end of your ~/Library/Application Support/MacHg/TrustedCertificates.pem file.