Skip to content

SSL Root CA Certificates

Ross Scroggs edited this page Mar 22, 2018 · 2 revisions

SSL Root CA Certificates

For an overall discussion of SSL, see: https://sites.google.com/site/x509certificateusage/

Google Internet Authority, see: https://pki.google.com/index.html

Trusted Roots, see: https://pki.google.com/faq.html What roots should we trust for connecting to Google?

GAM internally uses the PEM file mentioned in the previous link; it is also included in the GAM distribution as cacerts.pem.

If your site uses a firewall that does SSL inspection/decryption, you will need a vendor specific certificate. Here is a sample vendor's description of the process: http://cookbook.fortinet.com/why-you-should-use-ssl-inspection/

If this is your situation, copy cacerts.pem from the folder containing gam.exe/gam.py to the folder containing gam.cfg.

If your vendor's certificate is in DER format, you will have to convert it to PEM format.

  • openssl x509 -inform DER -in firewallcert.crt -out firewallcert.pem -outform PEM

Append firewallcert.pem to cacerts.pem and then update gam.cfg by setting cacerts_pem = cacerts.pem.

Clone this wiki locally
You can’t perform that action at this time.