If you have configured Taskserver and created a user account (or better yet, someone created an account for you) then you now have details needed in the configuration of your Taskwarrior client. You should have these files and this information:
ca.cert.pem
first_last.cert.pem
first_last.key.pem
cf31f287-ee9e-43a8-843e-e8bbd5de4294
Public
First Last
host.domain:53589
.
In the
server configuration
we used localhost
as an example. Whatever you
actually used there, should be used here.
Copy the Cert, Key and CA to your ~/.task directory. The reason we are copying the CA cert is because this is a self-signed cert, and we need the CA to validate against. Alternately we could force Taskwarrior to trust all certs, but that is not recommended.
$ cp first_last.cert.pem ~/.task $ cp first_last.key.pem ~/.task $ cp ca.cert.pem ~/.task
Now we need to make Taskwarrior aware of these certs:
$ task config taskd.certificate -- ~/.task/first_last.cert.pem $ task config taskd.key -- ~/.task/first_last.key.pem $ task config taskd.ca -- ~/.task/ca.cert.pem
Now set the server info:
$ task config taskd.server -- host.domain:53589
Finally we provide the credentials, which combine the organization, account name and user key:
$ task config taskd.credentials -- Public/First Last/cf31f287-ee9e-43a8-843e-e8bbd5de4294
It is possible to configure Taskwarrior's trust level, which determines how the server certificate is treated.
For Taskwarrior 2.3.0
you can specify taskd.trust=yes
in order to skip
certificate validation.
This is a bad idea.
The default is taskd.trust=no
, which does not trust
the server certificate, which is more secure.
For Taskwarrior 2.4.0
you must specify taskd.trust=ignore hostname
in
order to skip certificate hostname validation.
This is a bad idea.
You can also specify taskd.trust=allow all
to
perform no validation.
This is a worse idea.
The default value is taskd.trust=strict
which
performs the most stringent verification, and is more secure.
Your Taskwarrior is now ready to sync.