From 705fbeaf9760d63138fb7866f070d72597047dad Mon Sep 17 00:00:00 2001 From: Croft Date: Mon, 14 Aug 2023 13:18:42 +0200 Subject: [PATCH 1/2] Added advice for finding PEM files --- README.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/README.md b/README.md index 99f1157..e4ccb7c 100644 --- a/README.md +++ b/README.md @@ -235,6 +235,21 @@ Even within your internal network, the Bridgehead enforces HTTPS for all service All of the Bridgehead's outgoing connections are secured by transport encryption (TLS) and a Bridgehead will refuse to connect if certificate verification fails. If your local forward proxy server performs TLS termination, please place its CA certificate in `/etc/bridgehead/trusted-ca-certs` as a `.pem` file, e.g. `/etc/bridgehead/trusted-ca-certs/mylocalca.pem`. Then, all Bridgehead components will pick up this certificate and trust it for outgoing connections. +To find the certificate file, first run the following: + +``` +curl -v https://broker.bbmir.samply.de/v1/health +``` + +In the output, look out for the line: + + +``` +successfully set certificate verify locations: +``` + +Here a file will be mentioned, perhaps in the directory /etc/ssl/certs. The exact location will depend on your operating system. This is the file that you need to copy. + ### File structure - `/srv/docker/bridgehead` contains this git repository with the shell scripts and *project-specific configuration*. In here, all files are identical for all sites. You should not make any changes here. From 42300e923f271460eb70f8785135fa86b960cdd6 Mon Sep 17 00:00:00 2001 From: Croft Date: Wed, 30 Aug 2023 11:53:06 +0200 Subject: [PATCH 2/2] Corrected URL --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 38a854f..abae503 100644 --- a/README.md +++ b/README.md @@ -240,7 +240,7 @@ All of the Bridgehead's outgoing connections are secured by transport encryption To find the certificate file, first run the following: ``` -curl -v https://broker.bbmir.samply.de/v1/health +curl -v https://broker.bbmri.samply.de/v1/health ``` In the output, look out for the line: