SSL error when trying to clone via https -- GitBlit 1.8.0 Can not get https to work
674 views
Skip to first unread message
Gary Stofer
Dec 20, 2016, 5:53:56 PM12/20/16
to gitblit
I get an error from the git client when I try to use the https protocol to clone. Fatal: unable to access https://admin@localhost/r/test.git : SSL certification problem: self signed certificate in certificate chain.
Gitblit 1.8.0 runs under Windows, Git client says version 1.9.5.msysgit.1 No problem connecting to GIThub https repositories with it.
I have run the authority tool and created a new client Cert for admin and then run git config --global http.sslCert admin.pem
When using git from the command line it will ask me for a password before putting the above error up.
When clicking on the Tortoise GIt https link it just sits there forever until you hit abort.
Cloning with SSH works -- at least on a local system, but I can't use that mechanism coming in from the internet as that port is already in use.
Anybody have any clues why I get the above error ?
Gary
Gitblit 1.8.0 runs under Windows, Git client says version 1.9.5.msysgit.1 No problem connecting to GIThub https repositories with it.
I have run the authority tool and created a new client Cert for admin and then run git config --global http.sslCert admin.pem
When using git from the command line it will ask me for a password before putting the above error up.
When clicking on the Tortoise GIt https link it just sits there forever until you hit abort.
Cloning with SSH works -- at least on a local system, but I can't use that mechanism coming in from the internet as that port is already in use.
Anybody have any clues why I get the above error ?
Gary
Matthias Sohn
Dec 20, 2016, 6:42:30 PM12/20/16
to git...@googlegroups.com
git doesn't trust your self-signed server certificate, you can fix this by configuring git to trust the certificate, see for example
or use a certificate from a trusted commercial or open certificate authority, e.g. you may try Lets Encrypt https://letsencrypt.org/
-Matthias
Gary Stofer
Dec 20, 2016, 11:44:47 PM12/20/16
to gitblit
Thanks for your answer.
The only solution other than turning SSL verification off was to set http.sslCAInfo to the 'pem' file created by gitBlit as discussed here.
However if you do that then any other access to Github or Gitlab will fail, because it's now apparently only looking at this one specific file. There is a more specific configuration that uses part of the url of the repository and then only applies the self signed cert to that specifically. See the link above.
Setting the http.sslCert control as outlined the the gitblit documentation did not work, neither did setting http.sslCAPath.
This is all very confusing. I had expected that I could just install a certificate on the machine similar to how its done for a browser.
gary
The only solution other than turning SSL verification off was to set http.sslCAInfo to the 'pem' file created by gitBlit as discussed here.
However if you do that then any other access to Github or Gitlab will fail, because it's now apparently only looking at this one specific file. There is a more specific configuration that uses part of the url of the repository and then only applies the self signed cert to that specifically. See the link above.
Setting the http.sslCert control as outlined the the gitblit documentation did not work, neither did setting http.sslCAPath.
This is all very confusing. I had expected that I could just install a certificate on the machine similar to how its done for a browser.
gary
Reply all
Reply to author
Forward
0 new messages