Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

git fatal error: Unsupported SSL backend 'schannel'

Trying to access git-bash prepared git repo with canonical git, and I'm getting:

$ git pull
fatal: Unsupported SSL backend 'schannel'. Supported SSL backends:
        gnutls

Following Using Git Bash under WSL, I've done git config http.sslBackend openssl:

$ git config http.sslBackend 
openssl

$ git config --global http.sslBackend
openssl

Following tip from reddit, I've done:

sudo apt install -y gnutls-bin

# and here are my installed packages:
ii gnutls-bin  amd64 GNU TLS library - commandline utilities
ii libcurl3-gnutls:amd64  amd64 easy-to-use client-side URL transfer library (GnuTLS flavour)
ii libgnutls-dane0:amd64  amd64 GNU TLS library - DANE security support
ii libgnutls30:amd64  amd64 GNU TLS library - main runtime library

What else I'm missing?

$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

Run within Windows WSL.

PS. After all above tweaking, git-bash can still pull this git repo just fine, so I guess the SSL backend 'schannel' is configured somewhere else in this repo.

PPS. Found that it has nothing to do with "git-bash prepared git repo", as even cloning a fresh one will give me the exact same error.

Here is my git config --show-origin -l output, let me know if I need to include more:

$ git config --show-origin -l | grep -E 'ssl|http'
file:/home/me/.gitconfig        http.sslbackend=openssl
file:.git/config        http.sslverify=false
file:.git/config        http.sslbackend=openssl
file:.git/config        http.emptyauth=true
file:.git/config        remote.origin.url=http://xxx:8080/tfs/DefaultCollection/xxx
file:.git/config        lfs.http://xxx:8080/tfs/DefaultCollection/xxx/info/lfs.access=ntlm
like image 283
xpt Avatar asked Mar 29 '21 22:03

xpt


2 Answers

In general, the http.sslBackend option is only usable on Windows. Most Linux distros don't offer it as an option, since they don't compile with multiple TLS libraries.

The proper solution is to remove all of the http.sslBackend options:

$ git config --unset-all http.sslBackend

If you must use OpenSSL for some reason, you'll need to compile with it yourself. Most Linux distros are legally prohibited from distributing Git linked to OpenSSL under the GPLv2, so they typically don't do that.

like image 184
bk2204 Avatar answered Oct 03 '22 08:10

bk2204


As the solution provided by @bk2204 didn't work for me i tried to change it manually to "gnutls" value and it worked.

1- I tried @bk2204 fix but it didn't work for me.

git config --unset-all http.sslBackend

2- tried to set http.sslBackend to "openssl"

git config --global http.sslBackend "openssl"

Nope

3- "If the cmd is proposing gnutls, why not use it?

git config --global http.sslBackend "gnutls" It doesn't work either

4- Change it manually!

cmd: vim ~/.gitconfig Replace the value of http sslBackend to gnutls

Tadá!

.gitconfig result

[http]
        sslBackend = gnutls
like image 44
Martin Larizzate Avatar answered Oct 03 '22 07:10

Martin Larizzate