TeamCity 2019.1 Help

Uploading SSL Certificates

It is possible to upload an SSL certificate which TeamCity considers trusted when establishing connection by HTTPS or SSL protocols. These can be self-signed certificates or certificates signed by a not well-known certificate authority (CA).

Adding trusted certificates to TeamCity server

The trusted certificates storage is global for the whole server and affects all server projects.

To add a trusted certificate
  1. Navigate to the Root project Administration area and select the SSL / HTTPS Certificates menu item in the sidebar

  2. Click Upload certificate, specify the certificate name and choose a certificate file of one of the supported formats: PEM, DER or PKCS#7.

  3. Save your changes.

Delivering certificates to TeamCity agents

All uploaded certificates will be automatically delivered to all TeamCity agents.

However, sometimes automatically distributing certificates to all agents may not be needed or may be undesirable. Then you can manually add certificates to a required agent by placing them into the <TeamCity Agent Home>/conf/trustedCertificates folder (one file per certificate, certificates in textual form in one of the supported formats mentioned above).

This can be useful in the following cases:

  • If the user is running the TeamCity server under a non-trusted certificate, you need to place the server certificate into this folder on an agent to establish agent-server connection

  • If the user considers their network connection between the server and agents insecure and does not want to transfer sensitive information.

Last modified: 19 June 2019