Reputation: 765
Git ssl error on windows
I keep getting the following error when attempting to clone a git repository using ssl on windows:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
The ssl certificate hierarchy is trusted (the issuer certificate is added to Trusted Root Certificate Authorities) and I can browse to the hosting site (a private instance of Gitorious) without ssl errors. I've tried cloning on Windows 7 and on Windows Server 2008 and it's failed both times.
Anyone got any ideas?
Upvotes: 13
Views: 48589
Answers (4)
Reputation: 37950
If all else fails, you can set the environment variable GIT_SSL_NO_VERIFY to true. However, it is hopefully possible to resolve the issue in another way. WARNING: This exposes you to SECURITY RISKS, as you can no longer trust that you're talking to the server you think you're talking to.
Upvotes: -1
Reputation: 4162
The location of http.sslcainfo is stored in "C:\ProgramData\Git\config". It is not altered when uninstalling/reinstalling git.
I recently had to change it from
sslCAInfo = C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt
to
sslCAInfo = C:/Users/kristof/AppData/Local/Programs/Git/mingw64/ssl/certs/ca-bundle.crt
Also see issue:
Configure http.sslcainfo in Git for Windows' own system-wide config #531
https://github.com/git-for-windows/git/issues/531
Upvotes: 1
Reputation: 321
Git Apparently not take certificates saved in windows, you have to specify what editing the path to the certificate file .gitconfig
gitconfig location:
C:\Program Files (x86)\Git\etc
Add the line (replace with the path to file and yourCertificate.ctr with the name to your certificate):
.
.
.
[help]
format = html
[http]
sslVerify = true
sslCAinfo = C:/Program Files (x86)/Git/bin/curl-ca-bundle.crt
sslCAinfo = [route]/yourCertificate.crt
[sendemail]
smtpserver = /bin/msmtp.exe
[diff "astextplain"]
.
.
.
and try again..
Upvotes: 19
Reputation: 1324228
Make sure to add to your Git global config file:
http.sslcainfo=/bin/curl-ca-bundle.crt
Your msysgit instance needs to know where to look for the CA certificates in order to validate them.
See more settings in this SO answer or in "Cannot get Http on git to work".
Upvotes: 0
Related Questions
- git fatal error: Unsupported SSL backend 'schannel'
- Invalid SSL certificate when pushing to Git server
- Unable to resolve "unable to get local issuer certificate" using git on Windows with self-signed certificate
- Git for Windows: SSL certificate problem: certificate has expired
- Git Fetch returns 'fatal: I don't handle protocol https' in windows
- git 2.20.1.windows.1 does not honor http.sslverify=false
- Git Error: OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to
- Git for Windows - clone over https failing
- Https certificate errors for GitHub using git on Windows 7
- Git on Windows not working with remote because of "SSL protocol" errors