get new SSL certificate


accurev get_certificate [--thumbprint=<thumbprint_value>]


In AccuRev installations in which the Secure Sockets Layer (SSL) protocol has been enabled on the AccuRev server, AccuRev prompts the user to enable SSL on the client in order to establish encrypted communication. This is done by inspecting and accepting the SSL certificate provided by the server. One of the ways to do this is to execute the get_certificate command.

The get_certificate command returns information about the SSL certificate and allows you to accept or reject it. If you accept it, AccuRev replaces the certificate on the client machine, enabling you to connect to the AccuRev server. If you reject the SSL certificate, you cannot connect to the AccuRev server.

The --thumbprint option allows you to specify the certificate’s thumbprint, which, if it matches that of the SSL certificate on the AccuRev server, allows the certificate to be accepted automatically.
The --thumbprint option can be used to automatically enable SSL on unattended machines using a script that executes

accurev get_certificate --thumbprint=309b7af1445f8b1fac7b6f8baabc3f7bb656dac9

for example. (The term thumbprint is the equivalent of fingerprint, which might be more familiar to users in UNIX/Linux environments.)



Compare the <thumbprint_value> with the certificate on the AccuRev server and accept if they match. If they do not, SSL is not enabled and AccuRev returns an error.

The <thumbprint_value> is the SHA1 hash of the certificate represented as a hexadecimal string. You can separate hexadecimal characters with colons, or you can double-quote the entire value and separate the characters with spaces. All of the following examples are valid:

"30 9b 7a f1 44 5f 8b 1f ac 7b 6f 8b aa bc 3f 7b b6 56 da c9" 

Values are case-insensitive, so the following example is valid as well:



Visually inspect and accept (or reject) the SSL certificate; enable SSL upon acceptance:

> accurev get_certificate

Compare the SSL thumbprint to that of the SSL certificate on the AccuRev server and automatically accept the certificate and enable SSL if there is a match:

> accurev get_certificate --thumbprint=309b7af1445f8b1fac7b6f8baabc3f7bb656dac9

See Also


AccuRev Admin Guide