You will need to generate cert on Both Machines individually
go to /.local/share/barrier/SSL/
Create a folder mkdir -p Fingerprints
openssl req -x509 -nodes -days 365 -subj /CN=barrier -newkey rsa:4096 -keyout Barrier.pem -out Barrier.pem
openssl x509 -fingerprint -sha1 -noout -in Barrier.pem > Fingerprints/Local.txt
sed -e "s/.*=//" -i Fingerprints/Local.txt
Finally folder structure should look like below
├── Barrier.pem
└── Fingerprints
└── Local.txt
Go to
/Users/$USER/Library/Application Support/barrier/SSL
Create a folder mkdir -p Fingerprints
openssl req -x509 -nodes -days 365 -subj /CN=barrier -newkey rsa:4096 -keyout Barrier.pem -out Barrier.pem && openssl x509 -fingerprint -sha1 -noout -in Barrier.pem > Fingerprints/Local.txt && sed -e "s/.*=//" -i '' Fingerprints/Local.txt
Finally folder structure should look like below
├── Barrier.pem
└── Fingerprints
└── Local.txt
Few extra steps involved
Install OpenSSL terminal application
Install sed tool using winget winget install mbuilov.sed
site
Similar to linux
Go to AppData\Local\Barrier\SSL
Create folder Fingerprints
Now open the OpenSSL CMD client from windows start menu and generate the below
openssl req -x509 -nodes -days 365 -subj /CN=barrier -newkey rsa:4096 -keyout Barrier.pem -out Barrier.pem
openssl x509 -fingerprint -sha1 -noout -in Barrier.pem > Fingerprints/Local.txt
for the step involving sed may have to be done manually and leave only the signature
or use GitBash to run sed -e "s/.*=//" -i Fingerprints/Local.txt
Enable SSL and auto config or pass the server ip address, you will be prompted for the SSL signature check if the signatures are same.
Should you need to swap the server and client, should be able to do so with minimal friction.