P4TRUST
When Swarm is configured to connect to a Helix Core Server (P4D) using an SSL connection, Swarm automatically executes the p4 trust
command, which accepts the SSL fingerprint and creates a p4trust
file containing a list of trusted servers and their fingerprints.
The location the p4trust file is saved to depends on whether Swarm is connected to a single Helix Core Server or to multiple Helix Core Servers.
- Single Helix Core Server: saved as SWARM_ROOT/data/p4trust
- Multiple Helix Core Servers: saved as a separate file for each server. For example, for serverA, serverB, and serverC they are saved as:
- SWARM_ROOT/data/serverA/p4trust
- SWARM_ROOT/data/serverB/p4trust
- SWARM_ROOT/data/serverC/p4trust
If a certificate changes
If a certificate for a Helix Core Server is changed for any reason then Swarm connections to that server will fail after that server is restarted.
The solution is to delete the p4trust file for that Helix Core Server from the location described above. Swarm will automatically run p4 trust on the next request if the p4trust file is not found.