Configuration Common Windows: Difference between revisions
Jump to navigation
Jump to search
Line 8: | Line 8: | ||
:* Collect corporate root certificate by visiting one of the msys2 repository (https://repo.msys2.org) (see [https://stackoverflow.com/questions/69348953/certificate-error-when-trying-to-install-msys2-packages-on-windows-server/70398349#70398349 SO for chrome]). |
:* Collect corporate root certificate by visiting one of the msys2 repository (https://repo.msys2.org) (see [https://stackoverflow.com/questions/69348953/certificate-error-when-trying-to-install-msys2-packages-on-windows-server/70398349#70398349 SO for chrome]). |
||
:* Append corporate ROOT and intermediate SSL certificates (in Base64 format, see [[SSL]]) into {{file|etc/ssl/certs/ca-bundle.crt}}. |
:* Append corporate ROOT and intermediate SSL certificates (in Base64 format, see [[SSL]]) into {{file|etc/ssl/certs/ca-bundle.crt}}. |
||
:* Alternatively, copy all certificate in {{file|/etc/pki/ca-trust/source/anchors/}} (in PEM format), then run <code>update-ca-trust</code> (but didn't seem to work for me). |
|||
:* Edit {{file|/etc/pacman.conf}}, here using <code>curl</code>: |
:* Edit {{file|/etc/pacman.conf}}, here using <code>curl</code>: |
||
<source lang="text"> |
<source lang="text"> |
Revision as of 14:51, 9 July 2024
MSYS2 on corporate PC
- Use installer
msys2-x86_64-20240507.ex
.
- Issue Install is stuck at 50% (see Issue #2580).
- Looking in task manager with see a
bash
process, running/usr/bin/pacman-key --refresh-keys
. - We kill the process and let the install proceed.
- Setup
http_proxy
variables in .bashrc, see Proxy. - Tell pacman to use our corporate certificates.
- Collect corporate root certificate by visiting one of the msys2 repository (https://repo.msys2.org) (see SO for chrome).
- Append corporate ROOT and intermediate SSL certificates (in Base64 format, see SSL) into etc/ssl/certs/ca-bundle.crt.
- Alternatively, copy all certificate in /etc/pki/ca-trust/source/anchors/ (in PEM format), then run
update-ca-trust
(but didn't seem to work for me). - Edit /etc/pacman.conf, here using
curl
:
XferCommand = /usr/bin/curl --cacert /etc/ssl/certs/ca-bundle.crt -L -C - -f -o %o %u
- Alternatively use option
--ca-directory=/usr/ssl/certs
withwget
.
- Alternatively use option
- Install a few packages:
pacman -S openssh openssl vim base base-devel gcc procps
- Download, build and install autossh (autossh-1.4e.tgz).
- Download, build and install connect-proxy (https://github.com/larryhou/connect-proxy.git, commit 63a650a)
- Install Git For Windows.
- Setup auto ssh forward for IMAP:
- This assumes that the SSH key shares the same password as the proxy
- File bin/echo-proxy-pass:
#!/bin/bash
echo "$HTTP_PROXY_PASSWORD"
unset HTTP_PROXY_PASSWORD
- File bin/startup.sh:
# Add our ssh keys - eval because ssh-add.list contains '~'
DISPLAY="0:0" SSH_ASKPASS="echo-proxy-pass" SSH_ASKPASS_REQUIRE=force ssh-add ~/.ssh/id_ed25519_winmail < /dev/null
pgrep -x autossh > /dev/null || autossh -M 0 -f -N -n -q -L 9143:localhost:9143 -L 9025:localhost:9025 ovhi
# Check that ssh is running fine (must keep same PID)
ps faux|grep "bin/ssh$" && sleep 2 && ps faux|grep "bin/ssh$"