Can't clone through SSL Reverse Proxy

398 views
Skip to first unread message

Mohamed Ragab

unread,
Apr 26, 2012, 10:42:19 AM4/26/12
to git...@googlegroups.com
Hello,

I am trying to:
- Run Gitblit with HTTP only (no HTTPS , SSL)
- Run Apache in front of Gitblit, such that Apache is accessible through HTTPS (and I am also trying HTTP during troubleshooting)

After reading the "Running Gitblit behind Apache" section of the setup I managed to get the configuration running as follows

- I can navigate through the different pages and login from the browser (both HTTP and HTTPS work just fine)
- I can clone any repository just fine through HTTP
- I can not clone any repositories through HTTPS

Currently when I do: git clone https://... 
It just sits there and does noting at all, not a single character is printed on screen, the Apache access and error logs show nothing for that request, after 10 minutes (I suppose a timeout) 
error: Peer closed the TLS connection while accessing https://user...@full.domain.name/gitblit/git/simplereponame.git/info/refs

What could I be missing?

--
Thanks and Kind Regards
Mohamed Ragab

James Moger

unread,
Apr 26, 2012, 11:25:00 AM4/26/12
to git...@googlegroups.com
Hmm. I'm not sure if it will change anything, but have you tried https->ajp?

-J

James Moger

unread,
Apr 26, 2012, 12:26:14 PM4/26/12
to Mohamed Ragab, git...@googlegroups.com
Interestingly, I tested your problem on Ubuntu 12.04 and got the same
failure result. Server and client are same machine; no proxy
environment variables.
Hmmmmm... I'm glad I'm not a net admin. :)

-J

> Summary: Sorry for the fuss, this turned out to be a proxy configuration
> issue on the client's side
>
> I had tried the AJP connector, and got the same exact result in all aspects
>
> I then turned Apache logging to debug, and was still not getting any log
> entries for the git clone https://... request
> At that point I tried to do the clone from the same server, and it worked, I
> put back the HTTPS -> HTTP configuration and it still worked
>
> This is a setup inside a company's intranet, and the client machine had the
> environment variables http_proxy and https_proxy set, and for some reason
> git clone http://... reaches the server and works fine, while git clone
> https://... doesn't reach the server and times out instead
> This is git 1.7.10 if that makes any difference
>
> Many thanks and sorry for the trouble :)

Mohamed Ragab

unread,
May 2, 2012, 10:09:56 AM5/2/12
to git...@googlegroups.com, Mohamed Ragab
Hello,

I intended to reply earlier but I was on the run :)

During troubleshooting I found it very useful to set the following environment variable on the client to be able to get more information about the connection from the git client side

export GIT_CURL_VERBOSE=1

This showed that both git clone http://... and git clone https://... connected to the proxy server, where the http request passed through the proxy to the gitblit server just fine, and the https request went also went through the proxy, passed the server certificate verification and just stopped there doing nothing, which I am still unable to explain

Putting the gitblit server name in the NO_PROXY on the client prevented the issue from occurring 


Mohamed Ragab
Reply all
Reply to author
Forward
0 new messages