Skip to main content

SSH

Code Insight supports SSH authentication between the Git client (running on the same machine as the Code Insight Scan Server) and the Git server, such as GitHub, GitLab, and Bitbucket, containing the repository to be synchronized to Code Insight.

Setting Up SSH Authentication

For instructions on how to set up an SSH authentication for communication between a Git client and the GitHub server, refer to the GitHub documentation (such as https://docs.github.com/en/github/authenticating-to-github/connecting-to-github-with-ssh​).

If you want to use HTTPS along with SSH for communication between the Git client and the Git server, you must perform the additional steps described in the next section.

Configuring the Use of HTTPS Along with SSH

Use the appropriate procedure to configure use of HTTPS along with SSH for communications between the Git client and the Git server:

These procedures assume the following:

  • SSH authentication between Git client and the Git server has already been set up.

  • The Git server containing the repository to be synchronized to Code Insight is configured for HTTPS.

Depending on your Git version, the paths referenced in these procedures might be different from the paths used in your version.

Configuration in a Linux Environment

Use this procedure to configure the use of HTTPS along with SSH when the Git client and Git server run in a Linux environment.

To configure the use of HTTPS along with SSH in a Linux environment, do the following:

  1. As the user who will need to establish a connection between the Git client and the Git server for synchronization purposes, log on to the machine running both the Git client and the Scan Server.
  2. Execute the following command:

    • git config --global http.sslCAPath /etc/pki/tls/certs

    • This command establishes a secure connection between the Git client and the Git server.

  3. On the machine running the Git server, locate the file containing the Git HTTPS root certificate signed by CA.
  4. Copy the certificate file to the /etc/pki/tls/certs folder on the machine running both the Git client and the Scan Server.

Configuration in a Windows Environment

Use this procedure to configure the use of HTTPS along SSH when the Git client and Git server run in a Windows environment.

To configure the use of HTTPS along with SSH in a Windows environment, do the following:

  1. On the machine running the Git server, export the Git HTTPS root certificate to a file. You can do this from within your browser.
  2. On the machine running both the Git client and the Scan Server, locate the ca-bundle.crt file in the appropriate Git folder (for example, C:\Program Files\Git\usr\ssl\certs).
  3. Open ca-bundle.crt in a text editor.
  4. Copy the content of the certificate file that you exported, and paste it at the end of the content in the ca-bundle.crt file.
  5. From the machine running both the Git client and the Scan Server, execute the following command to establish a secure connection between the Git server and the Git client:
    • git config --global http.sslCAInfo C:\Program Files\Git\usr\ssl\certs\ca-bundle.crt