Enable SSL support

To encrypt the connection between a Helix Broker and its end users, your broker must have a valid private key and certificate pair in the directory specified by its P4SSLDIR environment variable. Certificate and key generation and management for the broker works the same as it does for the Helix Core Server. The users' Helix Core Server applications must be configured to trust the fingerprint of the broker.

To encrypt the connection between a Helix Broker and a Helix Core Server, your broker must be configured to trust the fingerprint of the Helix Core Server. Therefore, the user that runs p4broker must:

  1. Use the p4 trust command to create a P4TRUST file that recognizes the fingerprint of the Helix Core Server.

  2. Set P4TRUST to specify the path to the P4TRUST file because P4TRUST cannot be specified in the broker configuration file.

For more information about enabling SSL for the broker, see the Perforce Support Center on Enabling SSL Support for the Server/Broker/Proxy.