Git ssl error on windows
I keep getting the following error when attempting to clone a git repository using ssl on windows:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
开发者_运维问答The ssl certificate hierarchy is trusted (the issuer certificate is added to Trusted Root Certificate Authorities) and I can browse to the hosting site (a private instance of Gitorious) without ssl errors. I've tried cloning on Windows 7 and on Windows Server 2008 and it's failed both times.
Anyone got any ideas?
Git Apparently not take certificates saved in windows, you have to specify what editing the path to the certificate file .gitconfig
gitconfig location:
C:\Program Files (x86)\Git\etc
Add the line (replace with the path to file and yourCertificate.ctr with the name to your certificate):
.
.
.
[help]
format = html
[http]
sslVerify = true
sslCAinfo = C:/Program Files (x86)/Git/bin/curl-ca-bundle.crt
sslCAinfo = [route]/yourCertificate.crt
[sendemail]
smtpserver = /bin/msmtp.exe
[diff "astextplain"]
.
.
.
and try again..
The location of http.sslcainfo is stored in "C:\ProgramData\Git\config". It is not altered when uninstalling/reinstalling git.
I recently had to change it from
sslCAInfo = C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt
to
sslCAInfo = C:/Users/kristof/AppData/Local/Programs/Git/mingw64/ssl/certs/ca-bundle.crt
Also see issue:
Configure http.sslcainfo in Git for Windows' own system-wide config #531
https://github.com/git-for-windows/git/issues/531
Make sure to add to your Git global config file:
http.sslcainfo=/bin/curl-ca-bundle.crt
Your msysgit instance needs to know where to look for the CA certificates in order to validate them.
See more settings in this SO answer or in "Cannot get Http on git to work".
If all else fails, you can set the environment variable GIT_SSL_NO_VERIFY
to true
. However, it is hopefully possible to resolve the issue in another way. WARNING: This exposes you to SECURITY RISKS, as you can no longer trust that you're talking to the server you think you're talking to.
精彩评论