How to manage SSL (TLS) certificates¶
Server certificate validation¶
By default, when a remote is added, if the URL schema is
https, the Conan client will verify
the certificate using a list of authorities declared in the
cacert.pem file located in the Conan home (~/.conan).
If you have a self signed certificate (not signed by any authority) you have two options:
- Use the conan remote command to disable the SSL verification.
- Append your server
crtfile to the
If your server is requiring client certificates to validate a connection from a Conan client, you need to create two files in the Conan home directory (default ~/.conan):
- A file
client.crtwith the client certificate.
- A file
client.keywith the private key.
You can create only the
client.crt file containing both the certificate and the private key
concatenated and not create the
If you are a familiar with the curl tool, this mechanism is
similar to specify the