Runner connection to a Runbook Automation Self-Hosted using self signed certificate
Runner connection to a Runbook Automation Self-Hosted using self signed certificate
We recommend the usage of real certificates, but we also know that there are situations when you need to test using self signed certificates.
If Runbook Automation Self-Hosted is configured to use a self signed certificate, here is how to launch the Runner for a successful connectivity.
Note
Below steps work also when Runbook Automation is behind a Load Balancer using self signed certificate.
There are several ways to set the Runbook Automation's certificate where the Runner will be launched.
Cacerts file
Add the process_automation.crt
certificate to the OS's cacerts file.
sudo keytool -import -alias MYALIAS -file process_automation.crt -cacerts -storepass changeit
To verify it is imported:
sudo keytool -list -cacerts -storepass changeit | grep MYALIAS
Other truststore
Tip
Keep in mind the file:
part in the path field.
Directly from command line
java -Dmicronaut.ssl.trust-store.path=file:/path/to/truststore -Dmicronaut.ssl.trust-store.password=PASSWORD -jar runner.jar
Using environment variables
export MICRONAUT_HTTP_CLIENT_SSL_TRUST_STORE_PATH=file:/path/to/truststore
export MICRONAUT_HTTP_CLIENT_SSL_TRUST_STORE_PASSWORD=PASSWORD
java -jar runner.jar
From a config file
Config file:
cat application.yaml
micronaut:
http:
client:
ssl:
enabled: true
trust-store:
path: file:/path/to/truststore
password: PASSWORD
java -Dmicronaut.config.files=/path/to/application.yaml -jar runner.jar
Docker env vars
MICRONAUT_HTTP_CLIENT_SSL_TRUST_STORE_PATH=file:/path/to/truststore
MICRONAUT_HTTP_CLIENT_SSL_TRUST_STORE_PASSWORD=PASSWORD
Truststore file must be in the proper path in the image.