Reputation: 7310
How do I set GIT_SSL_NO_VERIFY for specific repos only?
I have to use a git server without proper certificates, but I don't want to have to do
env GIT_SSL_NO_VERIFY=true git command
every single time I do a git operation. But I would also like to leave SSL enabled for other git repositories. Is there a way to make this local to a single repo?
Upvotes: 443
Views: 1336228
Answers (12)
Reputation: 2786
Like what Thirumalai said, but inside of the cloned repository and without --global. I.e.,
GIT_SSL_NO_VERIFY=true git clone https://urlcd <directory-of-the-clone>git config http.sslVerify false
{update 2024-04-04} Actually, there is even more simple way how to do the first step:
git -c http.sslVerify=false clone https://url
Upvotes: 124
Reputation: 4275
One more point ,apart from
git config --global http.sslVerify false
just setting the SSL verification to false ,you also have to have the key to clone the repository. something like this
git clone https://[email protected]/myorg/MYpro.git"
5edwerwe32434lcvghjjextracgecj is the token generated from github under settings/ Developer settings/
Upvotes: 16
Reputation: 180987
You can do
git config http.sslVerify "false"
in your specific repo to disable SSL certificate checking for that repo only.
This won't work with git clone, since you don't yet have the local git repo to be able to set the flag in yet. Therefore in that case:
git -c http.sslVerify=false clone <path>
cd <directory>
git config http.sslVerify "false"
Upvotes: 850
Reputation: 1894
If you have to disable SSL checks for one git server hosting several repositories, you can run :
git config --bool --add http.https://my.bad.server.sslverify false
This will add it to your user's configuration.
Command to check:
git config --bool --get-urlmatch http.sslverify https://my.bad.server
(If you still use git < v1.8.5, run git config --global http.https://my.bad.server.sslVerify false)
Explanation from the documentation where the command is at the end, show the
.gitconfig content looking like:
[http "https://my.bad.server"]
sslVerify = false
It will ignore any certificate checks for this server, whatever the repository.
You also have some explanation in the code
Upvotes: 31
Reputation: 705
This question keeps coming up and I did not find a satisfying result yet, so here is what worked for me (based on a previous answer https://stackoverflow.com/a/52706362/1806760, which is not working):
My server is https://gitlab.dev with a self-signed certificate.
First run git config --system --edit (from an elevated command prompt, change --system to --global if you want to do it for just your user), then insert the following snippet after any previous [http] sections:
[http "https://gitlab.dev"]
sslVerify = false
Then check if you did everything correctly:
> git config --type=bool --get-urlmatch http.sslVerify https://gitlab.dev
false
Upvotes: 11
Reputation: 6809
This works for me:
git init
git config --global http.sslVerify false
git clone https://myurl/myrepo.git
Upvotes: 5
Reputation: 5577
There is an easy way of configuring GIT to handle your server the right way. Just add an specific http section for your git server and specify which certificate (Base64 encoded) to trust:
~/.gitconfig
[http "https://repo.your-server.com"]
# windows path use double back slashes
# sslCaInfo = C:\\Users\\<user>\\repo.your-server.com.cer
# unix path to certificate (Base64 encoded)
sslCaInfo = /home/<user>/repo.your-server.com.cer
This way you will have no more SSL errors and validate the (usually) self-signed certificate. This is the best way to go, as it protects you from man-in-the-middle attacks. When you just disable ssl verification you are vulnerable to these kind of attacks.
https://git-scm.com/docs/git-config#git-config-httplturlgt
Upvotes: 8
Reputation: 20865
On Linux, if you call this inside the git repository folder:
git config http.sslVerify false
this will add sslVerify = false in the [http] section of the config file in the .git folder, which can also be the solution, if you want to add this manually with nano .git/config:
...
[http]
sslVerify = false
Upvotes: 1
Reputation: 7094
If you are on a Windows machine and have the Git installed, you can try the below steps:
- Go to the folder of Git installation, ex: C:\Program Files (x86)\Git\etc
- Edit the file: gitconfig
Under the [http] section, add the line: sslVerify = false
[http] sslVerify = false
Upvotes: 19
Reputation: 5916
You can do as follows
For a single repo
git config http.sslVerify false
For all repo
git config --global http.sslVerify false
Upvotes: 242
Reputation: 3069
for windows, if you want global config, then run
git config --global http.sslVerify false
Upvotes: -2
Reputation: 249
In particular if you need recursive clone
GIT_SSL_NO_VERIFY=true git clone --recursive https://github.com/xx/xx.git
Upvotes: 24
Related Questions
- How can I make git accept a self signed certificate?
- SSL: CA certificate set, but certificate verification is disabled - Mac OS Sierra
- Git: http.sslVerify false global but only for specific remote
- disable SSL verify in GitHub CLI (gh)
- How to configure multible CA certs in git?
- Git remote and GIT_SSL_NO_VERIFY
- force git ignore ssl regardless of configs?
- git ssl without env GIT_SSL_NO_VERIFY=true
- Turning off Git's https verification
- Force git over SSL (Ubuntu config)