githubFork/gitblit.git - Solinfo Gitblit

			@@ -27,7 +27,6 @@
			- git.repositoryFolder (path may be relative or absolute)
			- groovy.scriptsFolder (path may be relative or absolute)
			- groovy.grapeFolder (path may be relative or absolute)
			- web.siteName (used in certificate generation, etc)
			- server.tempFolder (path may be relative or absolute)
			- server.httpPort and server.httpsPort
			- server.httpBindInterface and server.httpsBindInterface
			@@ -36,10 +35,10 @@
			- git.packedGitLimit (set larger than the size of your largest repository)
			- git.streamFileThreshold (set larger than the size of your largest committed file)
			3. Execute `authority.cmd` or `java -jar authority.jar` from a command-line
			a. enter default values for your generated certificates in the new certificate defaults dialog
			b. enter the store password used in server.storePassword when prompted (this generates an SSL certificate for localhost)
			c. you will also want to generate SSL certificates for the hostnames or ip addresses you serve from
			d. exit the authority app
			1. fill out the fields in the new certificate defaults dialog
			2. enter the store password used in server.storePassword when prompted. This generates an SSL certificate for localhost.
			3. you may want to generate an SSL certificate for the hostname or ip address hostnames you are serving from<br/>NOTE: You can only have one SSL certificate specified for a port.
			5. exit the authority app
			4. Execute `gitblit.cmd` or `java -jar gitblit.jar` from a command-line
			5. Open your browser to <http://localhost:8080> or <https://localhost:8443> depending on your chosen configuration.
			6. Enter the default administrator credentials: admin / admin and click the Login button
			@@ -55,18 +54,21 @@
			Cannot get remote repository refs.
			Reason: https:/myserver.com/git/myrepo.git: cannot open git-upload-pack

			If you want to serve your repositories to another machine over https then you will want to generate your own certificate.
			If you want to serve your repositories to another machine over https then you will want to generate a new certificate for the hostname or ip address you are serving from.

			1. `authority.cmd` or `java -jar authority.jar`
			2. Click the new ssl certificate button (red rosette in the toolbar in upper left of window)
			3. Enter the hostname or ip address
			4. Enter the server.storePassword password
			4. Make sure the checkbox serve https with this certificate is checked
			5. In the keystore password prompt, enter the server.storePassword password

			Additionally, if you want to change the value of server.storePassword (recommended) you will have to delete the following files and then start the Gitblit Certificate Authority app:
			If you decide to change the value of server.storePassword (recommended) <u>after</u> you have already started Gitblit or Gitblit Certificate Authority, then you will have to delete the following files and then restart the Gitblit Certificate Authority app:

			1. serverKeyStore.jks
			2. serverTrustStore.jks
			3. certs/caKeyStore.jks
			4. certs/ca.crt
			5. certs/caRevocationList.crl (optional)

			### Client SSL Certificates
			SINCE 1.2.0
			@@ -94,8 +96,12 @@

			1. `authority.cmd` or `java -jar authority.jar`
			2. Select the user for which to generate the certificate
			3. Click the new certificate button and enter the expiration date of the certificate. You must also enter a password for the generated keystore. This password is not the same as the user's login password. This password is used to protect the privatekey and public certificate you will generate for the selected user. You must also enter a password hint for the user.
			3. Click the new certificate button and enter the expiration date of the certificate. You must also enter a password for the generated keystore. This password is not the same as the user's login password. This password is used to protect the privatekey and public certificate you will generate for the selected user. You must also enter a password hint for the user.
			4. If your mail server settings are properly configured you will have a send email checkbox which you can use to immediately send the generated certificate bundle to the user.

			#### Certificate Inspection and Advanced Troubleshooting

			X509 certificates can be confusing and tricky even with the simplified Gitblit Certificate Authority tool. If you find you need more tooling to understand your keystores, certificates, and certificate revocation lists (CRLs), I highly recommend [Portecle](http://portecle.sourceforge.net) which can be conveniently launched as a [Java Web Start app](http://portecle.sourceforge.net/webstart/portecle.jnlp).

			### Running as a Windows Service
			Gitblit uses [Apache Commons Daemon](http://commons.apache.org/daemon) to install and configure its Windows service.
			@@ -130,6 +136,7 @@
			--httpPort HTTP port for to serve. (port <= 0 will disable this connector)
			--httpsPort HTTPS port to serve. (port <= 0 will disable this connector)
			--ajpPort AJP port to serve. (port <= 0 will disable this connector)
			--alias Alias in keystore of SSL cert to use for https serving
			--storePassword Password for SSL (https) keystore.
			--shutdownPort Port for Shutdown Monitor to listen on. (port <= 0 will disable this monitor)
			--tempFolder Folder for server to extract built-in webapp