Linux Git: Unable to access remote: error setting certificate verify locations

Question

So I'm running OpenSUSE Leap 42.1, and Git 2.6.6. Up until today, I've had no problems pushing/pulling/fetching from a remote GitHub repo.

Now, today, I'm having this error message:

fatal: unable to access 'https://github.com/myName/myProject.git/': error setting certificate verify locations:
  CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none

Anytime I do a push/pull/fetch, I get this. My first thought was to check that filepath that's provided, and no file named ca-certificates.crt exists in /etc/ssl/certs.

So... I'm not entirely sure what to do. Not sure why this suddenly stopped working either, maybe an OS or git update broke it? Either way, looking to be pointed in the right direction.

Thanks.

Answer 1

Apparently, sometimes the cert files change so you need to keep a bundle of several , rather that just one! Moreover, I will recommend to try and maintain the secure connection rather that turning it off with:

git config --system http.sslVerify false

Or worse:

git config --global http.sslVerify false

That is a very bad practice and should be avoided at all causes.

So first, look up that bundle cert file. In Windows, it is located under the git installation dir, something like:

D:\Program Files\Git\mingw64\ssl\certs\ca-bundle.crt

In Linux, you can try something like this (I haven't try this though):

$ curl-config --ca
**/etc/ssl/certs/ca-certificates.crt**

or maybe this other location:

**/etc/ca-certificates/extracted/ca-bundle.trust.crt**

Regardless where it maybe or the OS you are using once you get that bundle certification file, you then need to tell git to configure using that cert. You can modify the git.config file several why but one straight way is:

git config --system http.sslcainfo /bin/curl-ca-bundle.crt

I hope it helps. For more information there is this other discussion. Please let me know if it helps.