Configure SSL Settings for Yum

JFrog Artifactory Documentation

ft:sourceType
Paligo

YUM supports SSL from version 3.2.27.

To secure a repository with SSL, execute the following steps:

  • Generate a private key and certificate using OpenSSL.

  • Define your protected repository in a .repo file as follows:

    [protected]
    name = SSL protected repository
    baseurl=<secure repo url>
    enabled=1
    gpgcheck=1
    gpgKey=<URL to public key>
    sslverify=1
    sslclientcert=<path to .cert file>
    sslclientkey=<path to .key file>

    where:

    gpgkey is a URL pointing to the ASCII-armored GPG key file for the repository . This option is used if YUM needs a public key to verify a package and the required key has not been imported into the RPM database.

    If this option is set, YUM will automatically import the key from the specific URL. You will be prompted before the key is installed unless the assumeyes option is set.