Helix Core Server Administrator Guide: Multi-Site Deployment (2019.2)

Enabling SSL support

To encrypt the connection between a replica server and its end users, the replica must have its own valid private key and certificate pair in the directory specified by its P4SSLDIR environment variable. Certificate and key generation and management for replica servers works the same as it does for the (master) server. See Enabling SSL support. The users' Helix server applications must be configured to trust the fingerprint of the replica server.

To encrypt the connection between a replica server and its master, the replica must be configured so as to trust the fingerprint of the master server. That is, the user that runs the replica p4d (typically a service user) must create a P4TRUST file (using p4 trust) that recognizes the fingerprint of the master Helix Core server.

The P4TRUST variable specifies the path to the SSL trust file. You must set this environment variable in the following cases:

  • for a replica that needs to connect to an SSL-enabled master server, or
  • for an edge server that needs to connect to an SSL-enabled commit server.
Additional product documentation
Perforce training portal
Perforce video library
Perforce knowledge base
Perforce customer support
Email us at: manual@perforce.com