You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/pipelines/agents/certificate.md
+7-7Lines changed: 7 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -50,7 +50,7 @@ The agent version 2.125.0 or above has the ability to ignore SSL server certific
50
50
51
51
> [!IMPORTANT]
52
52
>
53
-
> Ignoring SSL server certificate validation errors is not secure and not recommended, we highly suggest you install the certificate into your machine certificate store.
53
+
> Ignoring SSL server certificate validation errors isn't secure and not recommended, we highly suggest you install the certificate into your machine certificate store.
54
54
55
55
Pass `--sslskipcertvalidation` during agent configuration
56
56
```
@@ -59,23 +59,23 @@ Pass `--sslskipcertvalidation` during agent configuration
59
59
60
60
> [!NOTE]
61
61
>
62
-
> There is limitation of using this flag on Linux and macOS
63
-
> The`libcurl` library on your Linux or macOS machine needs to built with OpenSSL,[More Detail](https://github.com/dotnet/corefx/issues/9728)
62
+
> To use the `--sslskipcertvalidation`flag on Linux and macOS,
63
+
> the`libcurl` library on your Linux or macOS machine must be built with OpenSSL.[More information](https://github.com/dotnet/corefx/issues/9728)
64
64
65
65
### Git get sources fails with SSL certificate problem (Windows agent only)
66
66
67
67
We ship command-line Git as part of the Windows agent.
68
-
We use this copy of Git for all Git related operation.
68
+
We use this copy of Git for all Git related operations.
69
69
When you have a self-signed SSL certificate for your on-premises Azure DevOps Server machine, make sure to configure the Git we shipped to allow that self-signed SSL certificate.
70
-
There are 2 approaches to solve the problem.
70
+
There are two approaches to solve the problem.
71
71
72
72
1. Set the following git config in global level by the agent's run as user.
> Setting system level Git config is not reliable on Windows. The system `.gitconfig` file is stored with the copy of Git we packaged, which gets replaced whenever the agent is upgraded to a new version.
78
+
> Setting system level Git config isn't reliable on Windows. The system `.gitconfig` file is stored with the copy of Git we packaged, which gets replaced whenever the agent is upgraded to a new version.
79
79
80
80
2. Enable git to use `SChannel` during configure with 2.129.0 or higher version agent
81
81
Pass `--gituseschannel` during agent configuration
@@ -117,7 +117,7 @@ When that IIS SSL setting enabled, you need to use version `2.125.0` or newer an
117
117
Windows: Windows Credential Store
118
118
```
119
119
## Verifying Root Certificate Authority Trust
120
-
The build agent utilizes Node.js that relies on its own certificate store derived from Mozilla's trusted root certificates. It's crucial that any root certificate used for secure communication is trusted by the Node.js Certificate Authority store. This helps avoid the following errors after updating a certificate on the Azure DevOps Server machine:
120
+
The build agent utilizes Node.js that relies on its own certificate store derived from Mozilla's trusted root certificates. It's crucial that any root certificate used for secure communication is trusted by the Node.js Certificate Authority store, which helps avoid the following errors after updating a certificate on the Azure DevOps Server machine:
0 commit comments