Skip to content

SSL Root CA Certificates

Ross Scroggs edited this page Feb 13, 2020 · 2 revisions

SSL Root CA Certificates

For an overall discussion of SSL, see: https://sites.google.com/site/x509certificateusage/

Google Internet Authority, see: https://pki.google.com/index.html

Trusted Roots, see: https://pki.google.com/faq.html What roots should we trust for connecting to Google?

GAM internally uses the PEM file mentioned in the previous link; it is also included in the GAM distribution as cacerts.pem.

If your site uses a firewall that does SSL inspection/decryption, you will need a vendor specific certificate. If your vendor's certificate is in DER format, you will have to convert it to PEM format.

  • openssl x509 -inform DER -in firewallcert.crt -out firewallcert.pem -outform PEM

Copy cacerts.pem from the folder containing gam.exe/gam.py to the folder containing gam.cfg.

Append the contents of firewallcert.pem to cacerts.pem

  • Linux/Mac OS - cat firewallcert.pem >> cacerts.pem
  • Windows - type firewallcert.pem >> cacerts.pem

Tell GAM to use the new cacerts.pem:

gam config cacerts_pem cacerts.pem save

Update History

Installation

Configuration

Notes and Information

Definitions

Command Processing

Collections

Client Access

Special Service Account Access

Service Account Access

Clone this wiki locally