Use SSL TLS with local or private PKI - archimatetool/archi-modelrepository-plugin GitHub Wiki

If you connect to your Git server through HTTPS, you might rely on local or private PKI. In such case, you can make it work using one of those two solutions:

  • Import your certificate into Archi's JRE
  • Make Archi use your OS's certificate

Import your certificate into Archi's JRE

If some of your models rely on SSL/TLS certificates, you have can add them to the Archi\jre\lib\security\cacerts:

  1. Open a Windows command shell (you can use the WIN R keyboard shortcut to open the "Run" box, enter cmd and press Enter)
  2. Go the the Archi\jre\bin folder
  3. Enter the following command: .\keytool -keystore ..\lib\security\cacerts -importcert -alias <alias> -file <certificate_filename>, where <alias> is a short description of the certificate to be added, and <certificate_filename>is the full path to the certificate.
  4. Type the password for the keystore at the “Password” prompt and press Enter. The default Java password for the cacerts file is “changeit”.

Be sure to import all of the certificates in the certificate chain, including root and intermediate certificates.

Make Archi use your OS's certificate

On Windows, you need the following parameters in the Archi.ini to tell the JRE to use the specified Certificate Manager:

-Djavax.net.ssl.trustStore=NUL
-Djavax.net.ssl.trustStoreType=WINDOWS-ROOT

On Mac, if you are using the Apple JCA Provider (should be the case) then set it to KeychainStore, i.e.

-Djavax.net.ssl.trustStore=NUL
-Djavax.net.ssl.trustStoreType=KeychainStore

If you value and use Archi please consider making a donation. Thanks!

⚠️ **GitHub.com Fallback** ⚠️