Add your peer's server certificate to trusted certificate list. This is required in case your server certificate is not signed by any trusted certificate authority
- Identify JRE or JDK YouTrack runs on
- In case YouTrack runs on JRE, execute the following command:
- In case YouTrack runs on JDK, execute the following command:
In both cases:
- cert_file is either your server's certificate or CA certificate that your server's certificate is signed by
- store_pass is a password of a JRE trust store (default password is changeit).
If the peer server requires SSL authentication, you should configure the use of client SSL:
- You need to have a keystore containing your private key. It should either be PKCS12 or JKS keystore.
- When running YouTrack, provide the following additional command line parameters (you should specify these parameters before -jar parameter):
<keystore_type> value should be either pkcs12 or jks.
This case is relevant for both YouTrack WAR and ExE distributions, as long as with EXE distribution you get YouTrack with Tomcat.
Complete description of your case is available at the official Tomcat site.
If you deploy YouTrack WAR into any other supported application server, please you refer to its documentation for details about SSL key management.