Runner connection to a Runbook Automation Self-Hosted using self signed certificate

We recommend the usage of real certificates, but we also know that there are situations when you need to test using self signed certificates. If Runbook Automation Self-Hosted is configured to use a self signed certificate, here is how to launch the Runner for a successful connectivity.

Note

Below steps work also when Runbook Automation is behind a Load Balancer using self signed certificate.

There are several ways to set the Runbook Automation's certificate where the Runner will be launched.

Cacerts file

Add the process_automation.crt certificate to the OS's cacerts file.

sudo keytool -import -alias MYALIAS -file process_automation.crt -cacerts -storepass changeit

To verify it is imported:

sudo keytool -list -cacerts -storepass changeit | grep MYALIAS

Other truststore

Tip

Keep in mind the file: part in the path field.

Directly from command line

java -Dmicronaut.ssl.trust-store.path=file:/path/to/truststore -Dmicronaut.ssl.trust-store.password=PASSWORD -jar runner.jar

Using environment variables

export MICRONAUT_HTTP_CLIENT_SSL_TRUST_STORE_PATH=file:/path/to/truststore
export MICRONAUT_HTTP_CLIENT_SSL_TRUST_STORE_PASSWORD=PASSWORD
java -jar runner.jar

From a config file

Config file:

cat application.yaml
micronaut:
  http:
    client:
      ssl:
        enabled: true
        trust-store:
          path: file:/path/to/truststore
          password: PASSWORD

java -Dmicronaut.config.files=/path/to/application.yaml -jar runner.jar

Docker env vars

MICRONAUT_HTTP_CLIENT_SSL_TRUST_STORE_PATH=file:/path/to/truststore
MICRONAUT_HTTP_CLIENT_SSL_TRUST_STORE_PASSWORD=PASSWORD

Truststore file must be in the proper path in the image.

Resources

Enterprise Runner
Micronaut