How to add a SSL root certificate to IDEA on OS X?

What is the correct way to add a SSL root certificate to IDEA on OS X? I'm using the DMG with the bundled JDK. I tried the following steps but all of them failed in one way or the other:

  • Created a keystore in ~/Library/Caches/IntelliJIdea14/tasks/cacerts with standard password changeit. Neither Atlassian connector nor TeamCity plugin recognize SSL certificates based on that CA as valid
  • Accepted the certificate permanently when presented by IDEA. This works for Atlassian connector but not the TeamCity Plugin. The TeamCity plugin does not prompt for unknown SSL certificates and just fails with a connection error.
  • Added the root CA to /Applications/IntelliJ\ IDEA\ 14\ EAP.app/Contents/jre/jdk1.7.0_60.jdk/Contents/Home/jre/lib/security/cacerts. This causes IDEA to accept all certificates based on that CA but OS X now prompts on startup whether IDEA should be allowed to accept network connections. Can't tell you, how much I hate this useless and annoying OS X dialog. I suppose, it appears because of the modification of the cacerts file that broke the IntelliJ IDEA 14 EAP.app code signature.


The first approach feels like the correct way to go. Did I just use an incorrect path for the cacerts file? How do others approach this problem? I can hardly believe, that I am the one lonely SSL user...

2 comments
Comment actions Permalink

The simple way is to use Preferences > Tools Server Certificates and add it there. Glad to learn that there even is a nice user interface for that!

1
Comment actions Permalink

Dirk, thanks for your answer! I used it to add my certificates. Really it is much better experience than using keytool ;)

0

Please sign in to leave a comment.