| 1 | = Maven Repository = |
| 2 | We have our own Maven repository exclusively for mod development located at [https://gauss.extollit.com/mvn] (and nothing else). This may become necessary one day when Forge and/or Mojang shuts down their servers for these legacy artifacts. |
| 3 | |
| 4 | == SSL Woes == |
| 5 | In order to use the repository in Gradle it may be necessary to install our certificate to your central trust store. Follow the steps below: |
| 6 | |
| 7 | === Step 1 - Obtain the root certificate === |
| 8 | The root certificate is the same one serving-up this web-page, so use your browser to find out what it is and where to get it. We're not going to link it or attach it here directly because that is a security risk. |
| 9 | |
| 10 | === Step 2 - Convert the root certificate to DER format === |
| 11 | This can be done with help of the **openssl** toolkit, where `gd-bundle.pem` is the original certificate filename in PEM format, and `gd-bundle.der` the filename to output, in DER format (which the Java keytool utility can understand). If you were able to obtain the root certificate in DER format, skip this step. |
| 12 | |
| 13 | {{{ |
| 14 | #!sh |
| 15 | openssl x509 -in gd-bundle.pem -inform pem -out gd-bundle.der -outform der |
| 16 | }}} |
| 17 | |
| 18 | === Step 3 - Validate the root certificate content === |
| 19 | |
| 20 | Ensure that the Java keytool can parse the certificate and display its content: |
| 21 | |
| 22 | {{{ |
| 23 | #!sh |
| 24 | keytool -v -printcert -file gd-bundle.der |
| 25 | }}} |
| 26 | |
| 27 | === Step 4. Import the root certificate into the JVM trust store === |
| 28 | |
| 29 | Enter the following command where `$JAVA_HOME` is a shell environment variable that points to your Java installation, e.g. to `/usr/lib/jvm/java-8-oracle`; for `-alias` pick some unique name for the certificate in the store: |
| 30 | |
| 31 | {{{ |
| 32 | #!sh |
| 33 | keytool -importcert -alias startssl -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -file gd-bundle.der |
| 34 | }}} |
| 35 | |
| 36 | (the default password for the CA store is ''changeit'') |
| 37 | |
| 38 | The keytool will prompt you for confirmation, enter ''yes'' to complete the operation. |
| 39 | |
| 40 | === Step 5. Verify that the root certificate has been imported === |
| 41 | |
| 42 | To do that list the trust store content and filter for the certificate alias (name) with `grep`: |
| 43 | |
| 44 | {{{ |
| 45 | #!sh |
| 46 | keytool -keystore "$JAVA_HOME/jre/lib/security/cacerts" -storepass changeit -list | grep '^startssl\b' |
| 47 | }}} |
| 48 | |
| 49 | You will now be able to make secure SSL/TLS connections to servers which have a certificate signed by the CA which we just imported. |