Important
To minimize the security risk, remember to exchange the CAs in a secured channel.
There is currently no support for CA revocation.
Create an X509 CA in PEM format using open SSL or other methods.
Share the CA with JFrog Support through a secured channel. You will need to communicate to JFrog the depth of the CA (sets the verification depth in the CA chain); the default is 2.
Note
The depth is the the maximum number of intermediate certificate issuers, i.e., the maximum number of CA certificates that are allowed to be followed by the server while verifying the CA.
Test the connection using curl/open ssl/browser.
Example
curl -v -u user:password "https://your-artifactory.jfrog.io/artifactory/" --cert example-cli.crt --key example-cli.key