Although optional, we advise the connection from Nexus to your Crowd server to use the HTTPS protocol.
If the Crowd Server certificate is not signed by a public certificate
authority, you may have to explicitly trust the server certificate
using Nexus SSL support. A common symptom observed are
not authenticated messages, when trying to connect to the Crowd
Steps to explicitly trust the Crowd Server URL certificate in Nexus are:
The SSL: Crowd capability is only available in Nexus 2.7+. Older versions must manually configure trust using an explicit truststore specified with JRE system properties.
- Login to Nexus as an Administrator.
- In the sidebar menu, click Administration → Capabilities to open the Capabilities panel.
- Click the Add button in the panel toolbar. Select SSL: Crowd in the Type field. Make sure the Enabled checkbox is checked, and click the Save button.
In order to add the server certificate of your Crowd server to the Nexus truststore, locate the HTTPS Crowd Server URL and follow the Load from server instructions in Section 24.1.2, “Trusting SSL Certificates Globally”.
The Crowd Configuration screen displayed in Figure 9.6, “Crowd Configuration Panel” can be accessed by users with administrative privileges in Nexus by selecting Crowd in the Security section of the Nexus menu.
This panel contains the following fields:
- Application Name
- This field contains the application name of a Crowd application. This value should match the value in the Name field of the form shown in Figure 9.1, “Creating a Nexus Crowd Application”.
- Application Password
- This field contains the application password of a Crowd application. This value should match the value in the Password field of the form shown in Figure 9.1, “Creating a Nexus Crowd Application”.
- Crowd Server URL
- This is the URL used to connect to the Crowd Server. Both http:// and https:// URLs are accepted. You may need to trust the crowd server certificate if a https:// URL is used.
- HTTP Timeout
- The HTTP Timeout specifies the number of milliseconds Nexus will wait for a response from Crowd. A value of zero indicates that there is no timeout limit. Leave the field blank to use the Nexus server default HTTP timeout.
You can use the Test Connection button to validate if your connection to Crowd is working. Once you have a working connection, do not forget to Save your configuration. Use Cancel to abort saving any changes.