Extending the trusted CA list

After you download the Certified Authority (CA) certificate, you can add it to the trusted CAs list by setting the NODE_EXTRA_CA_CERTS environment variable with the location of the CA certificate.

Before you begin

You must have configured the certificate that is used by HCL OneTest Server as a trusted CA, and then install HCL OneTest Server. See Installation of the server software.

About this task

When you use an internal CA certificate, you must extend the trusted certificates list by using the NODE_EXTRA_CA_CERTS environment variable with the location of the CA certificate to add the certificate as a trusted CA. You can then start or restart the Azure agent.

Procedure

Choose the following steps depending on the operating system to set the CA certificate location to the environment variable NODE_EXTRA_CA_CERTS:
  • If you are using a Windows operating system, you must perform the following actions on the command prompt:
    1. Run the following command to convert the CA certificate to a PEM format:
      openssl x509 -in <CAcertificate.crt> -out <CustomName>.pem -outform PEM

      For example, openssl x509 -in mycert.crt -out mycert.pem -outform PEM

    2. Create the environment variable NODE_EXTRA_CA_CERTS by performing the following actions:
      1. Open the Environment Variables window.
      2. Click New from the System variables section.

        The New System Variable window is displayed.

        add environment variable for windows OS in Azure

      3. Enter NODE_EXTRA_CA_CERTS in the Variable name field.
      4. Enter the location of the PEM certificate in the Variable value field.
      5. Click OK.
  • If you are using a Linux operating system, you must perform the following actions on the terminal window:
    1. Run the following command to convert the CA certificate to a PEM format:
      openssl x509 -in <CAcertificate.crt> -out <CustomName>.pem -outform PEM

      For example, openssl x509 -in mycert.crt -out mycert.pem -outform PEM

    2. Run the following command to add the NODE_EXTRA_CA_CERTS variable to your environment variables list:
      export NODE_EXTRA_CA_CERTS= <file path of PEM file>

      For example, export NODE_EXTRA_CA_CERTS= /opt/myData/cacert.pem

Results

You have extended the trusted CA certificates list that you want to trust with the NODE_EXTRA_CA_CERTS environment variable.

What to do next

You must start or restart the Azure agent, and then run the tests that are available in Azure DevOps pipelines.