Menu
at $WORK, we have to use an introspecting web proxy that rewrites the SSL certificate chain. I can verify this by using curl to get an https URL or running (o.k., trying to run :-) ) the firefox plugin updater.
The windows port of GIT, http://code.google.com/p/msysgit/, also complains about broken certificates. Is there a way to force it to ignore certificate problems?
Regards, Hakan
843
Creating a private key and a certificate signing requestCreate a certificate signing request (CSR) for Analyzer detail view server and send it to the certificate authority to obtain the certificate file. Log on to the Analyzer detail view server through an SSH client (like putty) as a root user.
The unable to get local issuer certificate error often occurs when the Git server's SSL certificate is self-signed. The issue with self-signed certificates is that the private key associated with them cannot be revoked, making it a security vulnerability.
Prepend GIT_SSL_NO_VERIFY=true before every git command run to skip SSL verification. This is particularly useful if you haven't checked out the repository yet. Run git config http. sslVerify false to disable SSL verification if you're working with a checked out repository already.
Set the GIT_SSL_NO_VERIFY environment variable to true.
Ex:
$ env GIT_SSL_NO_VERIFY=true git pull
I doubt it rewrites certificate chains, I imagine it has its own certificate which it returns instead of the target server's. If you want to use such a proxy of course your clients must trust it as well as/instead of the target server, which is just a matter of distributing the appropriate cert, or better still getting it signed by a CA. The last thing you want to do is ignore certificate problems: otherwise you may as well not use SSL at all.
39
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
