9

I have the following code in my Dockerfile:

FROM alpine/git as clone 
WORKDIR /app
RUN git clone https://github.com/spring-projects/spring-petclinic.git

However, I'm getting this error:

fatal: unable to access 'https://github.com/spring-projects/spring-petclinic.git/': SSL certificate problem: self signed certificate in certificate chain

I actually have a local git and I can't disable SSL certificate.

anothernode
  • 5,100
  • 13
  • 43
  • 62
aQ123
  • 560
  • 1
  • 8
  • 19
  • You can download the certificate and accept it via git config or you can disable SSLVerify (which should be the last way out, because of potential MITM attacks). You can also set sslverify to false with `git -c http.sslVerify=false cmd` to each command using. – colidyre Aug 28 '18 at 23:08
  • Possible duplicate of [configure Git to accept a particular self-signed server certificate for a particular https remote](https://stackoverflow.com/questions/9072376/configure-git-to-accept-a-particular-self-signed-server-certificate-for-a-partic) – phd Aug 28 '18 at 23:30
  • https://stackoverflow.com/search?q=%5Bgit%5D+SSL+certificate+problem%3A+self+signed+certificate+in+certificate+chain – phd Aug 28 '18 at 23:30

1 Answers1

10

Try and add to your Dockerfile, before the git clone:

RUN apk add --update \
       ca-certificates \
    && update-ca-certificates

From there, as commented, you can clone the repo with an HTTPS URL like:

https://username:password@some.company.com/project_name.git
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Thank you. What are the commands for alpine Linux? apt-get is not available for alpine. – aQ123 Aug 29 '18 at 13:28
  • @aQ123 Try `apk add --no-cache`. See example: https://github.com/gliderlabs/docker-alpine/blob/master/docs/usage.md#example – VonC Aug 29 '18 at 13:29
  • My file looks now like this but I'm getting this error: Host key verification failed. fatal: Could not read from remote repository. FROM alpine/git RUN apk add --update \ ca-certificates \ && update-ca-certificates RUN mkdir -p /root/.ssh ADD id_rsa /root/.ssh/id_rsa RUN chmod 700 /root/.ssh/id_rsa WORKDIR /app RUN git clone git@github.com:spring-projects/spring-petclinic.git – aQ123 Aug 29 '18 at 15:37
  • Try and use the https URL for cloning the repository – VonC Aug 29 '18 at 15:57
  • I tried with https and even added GIT_SSL_NO_VERIFY=true but I'm getting this error: fatal: could not read Password for 'https://github.com/spring-projects/spring-petclinic.git': No such device or address – aQ123 Aug 29 '18 at 17:37
  • I was able to solve it by providing this https url: https://username:password@some.company.com/project_name.git – aQ123 Aug 29 '18 at 17:48