| | 1 | = Maven Repository = |
| | 2 | We have our own Maven repository exclusively for mod development located at [https://gauss.extollit.com/mvn] (and nothing else). This may become necessary one day when Forge and/or Mojang shuts down their servers for these legacy artifacts. |
| | 3 | |
| | 4 | == SSL Woes == |
| | 5 | In order to use the repository in Gradle it may be necessary to install our certificate to your central trust store. Follow the steps below: |
| | 6 | |
| | 7 | === Step 1 - Obtain the root certificate === |
| | 8 | The root certificate is the same one serving-up this web-page, so use your browser to find out what it is and where to get it. We're not going to link it or attach it here directly because that is a security risk. |
| | 9 | |
| | 10 | === Step 2 - Convert the root certificate to DER format === |
| | 11 | This can be done with help of the **openssl** toolkit, where `gd-bundle.pem` is the original certificate filename in PEM format, and `gd-bundle.der` the filename to output, in DER format (which the Java keytool utility can understand). If you were able to obtain the root certificate in DER format, skip this step. |
| | 12 | |
| | 13 | {{{ |
| | 14 | #!sh |
| | 15 | openssl x509 -in gd-bundle.pem -inform pem -out gd-bundle.der -outform der |
| | 16 | }}} |
| | 17 | |
| | 18 | === Step 3 - Validate the root certificate content === |
| | 19 | |
| | 20 | Ensure that the Java keytool can parse the certificate and display its content: |
| | 21 | |
| | 22 | {{{ |
| | 23 | #!sh |
| | 24 | keytool -v -printcert -file gd-bundle.der |
| | 25 | }}} |
| | 26 | |
| | 27 | === Step 4. Import the root certificate into the JVM trust store === |
| | 28 | |
| | 29 | Enter the following command where `$JAVA_HOME` is a shell environment variable that points to your Java installation, e.g. to `/usr/lib/jvm/java-8-oracle`; for `-alias` pick some unique name for the certificate in the store: |
| | 30 | |
| | 31 | {{{ |
| | 32 | #!sh |
| | 33 | keytool -importcert -alias startssl -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -file gd-bundle.der |
| | 34 | }}} |
| | 35 | |
| | 36 | (the default password for the CA store is ''changeit'') |
| | 37 | |
| | 38 | The keytool will prompt you for confirmation, enter ''yes'' to complete the operation. |
| | 39 | |
| | 40 | === Step 5. Verify that the root certificate has been imported === |
| | 41 | |
| | 42 | To do that list the trust store content and filter for the certificate alias (name) with `grep`: |
| | 43 | |
| | 44 | {{{ |
| | 45 | #!sh |
| | 46 | keytool -keystore "$JAVA_HOME/jre/lib/security/cacerts" -storepass changeit -list | grep '^startssl\b' |
| | 47 | }}} |
| | 48 | |
| | 49 | You will now be able to make secure SSL/TLS connections to servers which have a certificate signed by the CA which we just imported. |
