
What's the difference between OpenSSL and the native windows Secure Channel library

Tags: git, github

I've been trying to download Git Bash for my laptop recently and am trying to decide what the difference is between the two options. Thank you.

R. Pang asked Jun 18 '20 18:06




1 Answer

If you are using git in an organization with enterprise-managed certificates, then you will need to use Secure Channel. If you are using git only to access public repositories (like GitHub) or your organization does not manage its own certificates, then you are perfectly fine using either SSL backend (they are just different implementations of the same protocol).

From https://github.com/git/git/commit/21084e84a418e0a6c4da72f632c5cd99386bd64b

As of version 7.56.0, curl supports being compiled with multiple SSL backends.

This patch adds the Git side of that feature: by setting http.sslBackend to "openssl" or "schannel", Git for Windows can now choose the SSL backend at runtime.

This comes in handy on Windows because Secure Channel ("schannel") is the native solution, accessing the Windows Credential Store, thereby allowing for enterprise-wide management of certificates. For historical reasons, Git for Windows needs to support OpenSSL still, as it has previously been the only supported SSL backend in Git for Windows for almost a decade.

The patch has been carried in Git for Windows for over a year, and is considered mature.

jmou answered Oct 12 '22 23:10
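
A check for which backend and trust source a given Git configuration selects, as an added example that is not part of the original answer or of Git itself. It reads `git config --list` style output; the function name `audit_git_tls` and the sample values are made up for illustration, and `http.sslVerify` and `http.sslCAInfo` are standard Git settings that the answer does not mention.

```bash
# Added example: report the TLS backend and trust source Git would use.
# Input on stdin: key=value lines as printed by `git config --list`.
# Later lines override earlier ones, as in Git's own config resolution.
audit_git_tls() (
    backend="" verify="true" cainfo="" rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        # Normalise the key's case before matching it.
        key=$(printf '%s' "${line%%=*}" | tr '[:upper:]' '[:lower:]')
        val=${line#*=}
        case "$key" in
            http.sslbackend) backend=$(printf '%s' "$val" | tr '[:upper:]' '[:lower:]') ;;
            http.sslverify)  verify=$(printf '%s' "$val" | tr '[:upper:]' '[:lower:]') ;;
            http.sslcainfo)  cainfo=$val ;;
        esac
    done
    case "$backend" in
        schannel)
            echo "backend=schannel trust=windows-certificate-store" ;;
        openssl)
            echo "backend=openssl trust=${cainfo:-default-ca-bundle}"
            echo "NOTE: trust comes from a CA bundle file, not the Windows certificate store" ;;
        "")
            echo "backend=unset (build default applies)" ;;
        *)
            echo "WARN: unknown http.sslBackend '$backend'"; rc=1 ;;
    esac
    # Disabled verification defeats either backend's certificate checks.
    case "$verify" in
        false|no|off|0) echo "WARN: http.sslVerify is disabled"; rc=1 ;;
    esac
    [ "$rc" -eq 0 ]
)

# Constructed sample inputs (the CA bundle path is a placeholder).
sample_enterprise='http.sslbackend=schannel
http.sslverify=true'
sample_risky='http.sslcainfo=C:/certs/ca-bundle.crt
http.sslbackend=openssl
http.sslverify=false'
```

In Git Bash, run `git config --list | audit_git_tls` to audit the live configuration; a non-zero exit status means at least one warning was printed.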