Before you keep going, if you are considering using a self signed certificate, do consider using a free CA signed certificate from Let's Encrypt instead. It will save you a lot of hassle configuring self signed certificates everywhere you connect to the Pact Broker.
Connecting to a Pact Broker running over TLS
With a CA signed certificate
You shouldn't need to do anything, as the certificate authority's certificate should already be loaded into the store of your system.
With a self signed certificate
Search for "Specifying a custom trust store" in the search bar and select the results for the appropriate tool.
SSL_CERT_FILE environment variable to point to a local file containing the certificate in PEM format. It will look something like this:
You'll need to configure the certificate both your development environment and your CI. It's a bit of a hassle, so again, do consider a CA signed certificate from Let's Encrypt instead.
You can use this Docker Compose file to spike and troubleshoot connecting to a broker with a self signed certificate. Once you have run
docker-compose up once and seen it work with the built in files, replace the certificate and key files with your own and run
docker-compose down and
Extracting a copy of the certificate from a running Pact Broker
If you do not already have a copy of the certificate, you can extract it from Firefox.
- Open a page in the Pact Broker in Firefox
- Click on the lock icon next to the address bar
- Click on the ">" (Show connection details) button
- Click "More information"
- Click "View Certificate"
- Scroll down to Miscellaneous
- Click "PEM (chain)" in the Download section