Skip to content

Commit 4acf36b

Browse files
ericpaulsenammario
ericpaulsen
and
ammario
authored
docs: describe gateway and internal certs (#7747)
* docs: gateway & self-signed certs * docs: update trust store locations * toolbox paths * fix: windows cacerts location --------- Co-authored-by: Ammar Bandukwala <ammar@ammar.io>
1 parent 62b2560 commit 4acf36b

File tree

1 file changed

+43
-0
lines changed

1 file changed

+43
-0
lines changed

docs/ides/gateway.md

+43
Original file line numberDiff line numberDiff line change
@@ -74,3 +74,46 @@ explaining this IDE specification.
7474
![Gateway IDE Opened](../images/gateway/gateway-intellij-opened.png)
7575

7676
> Note the JetBrains IDE is remotely installed into `~/.cache/JetBrains/RemoteDev/dist`
77+
78+
## Configuring Gateway to use internal certificates
79+
80+
When attempting to connect to a Coder deployment that uses internally signed certificates,
81+
you may receive the following error in Gateway:
82+
83+
```console
84+
Failed to configure connection to https://coder.internal.enterprise/: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
85+
```
86+
87+
To resolve this issue, you will need to add Coder's certificate to the Java trust store
88+
present on your local machine. Here is the default location of the trust store for
89+
each OS:
90+
91+
```console
92+
# Linux
93+
<Gateway installation directory>/jbr/lib/security/cacerts
94+
95+
# macOS
96+
<Gateway installation directory>/jbr/lib/security/cacerts
97+
/Library/Application Support/JetBrains/Toolbox/apps/JetBrainsGateway/ch-0/<app-id>/JetBrains Gateway.app/Contents/jbr/Contents/Home/lib/security/cacerts # Path for Toolbox installation
98+
99+
# Windows
100+
C:\Program Files (x86)\<Gateway installation directory>\jre\lib\security\cacerts
101+
%USERPROFILE%\AppData\Local\JetBrains\Toolbox\bin\jre\lib\security\cacerts # Path for Toolbox installation
102+
```
103+
104+
To add the certificate to the keystore, you can use the `keytool` utility that ships
105+
with Java:
106+
107+
```console
108+
keytool -import -alias coder -file <certificate> -keystore /path/to/trust/store
109+
```
110+
111+
On Windows, you can use `keytool` that ships with the JetBrains Gateway installation.
112+
For example:
113+
114+
```powershell
115+
& 'C:\Program Files\JetBrains\JetBrains Gateway <version>/jbr/bin/keytool.exe' 'C:\Program Files\JetBrains\JetBrains Gateway <version>/jre/lib/security/cacerts' -import -alias coder -file <cert>
116+
117+
# command for Toolbox installation
118+
& '%USERPROFILE%\AppData\Local\JetBrains\Toolbox\apps\Gateway\ch-0\<VERSION>\jbr\bin\keytool.exe' '%USERPROFILE%\AppData\Local\JetBrains\Toolbox\bin\jre\lib\security\cacerts' -import -alias coder -file <cert>
119+
```

0 commit comments

Comments
 (0)