I'm currently setting up a perforce helix core server and I'm a bit stumped about the SSL connection. According to the Helix Core Server Administrator Guide, an ssl connection by specifing P4PORT on the server as e.g. ssl:1666 requires a certificate: "When configured to accept SSL connections, all server processes (p4d, p4p, p4broker), require a valid certificate and key pair on startup", and that I can generate a certificate using
p4d -Gc. But even without explicitly generating a certificate, the perfoce server is perfectly reachable from outside.
Additionally, when I set up the certificate generation by setting P4SSLDIR and generating them before creating a server, the server seems to not use these certificates as the fingerprints differ, between p4d -Gf and when trying to connect to the server.
Here is the excerpt of my terminal on the server after starting it:
root@1c5a712c8410:/# p4d -Gf Fingerprint: 54:07:27:56:93:D0:54:F7:59:5A:64:49:5A:87:8A:68:0C:00:62:0C root@1c5a712c8410:/# p4 trust The fingerprint of the server of your P4PORT setting 'ssl:1666' (127.0.0.1:1666) is not known. That fingerprint is 06:53:5B:76:5E:80:A1:32:06:85:C2:07:6C:51:6F:88:02:72:44:D7 Are you sure you want to establish trust (yes/no)? no
When trying to connect using P4Admin from another machine I get the same "wrong" fingerprint:
Is there some additional configuration necessary beside defining P4SSLDIR on the server to use this certificate for p4d?
Thanks for the help.