1

Our server is configured with self-signed certificates. Normally I would just copy the certificate chain and install the certificates in Trusted Roots. That works for the web-site, but git uses it's own repository. I am using Git-2.21.0. I have tried several options that involve mods to C:\Users\{username}.gitconfig:

[http "https://server/"]  OR  [http]
    sslbackend = schannel  <-- tells git to use windows SLL and cert store
    checkRevoke = false    <-- tells git to not check for revokation, does not seem to do anything
    sslCAInfo = C:/Program Files/Git/mingw64/ssl/certs/mycert.cer  <-- tells git to use desired cert 
    sslBackend = openssl  <--tells git to Open ssl
    sslVerify = false     <--tells git to skip checking ssl

I tried multiple combinations of these from the Visual Studio Git interface. I can log on to the server, but can never get a clone operation to work. Whatever the problem is another developer has the same issue.

jlo-gmail
  • 4,453
  • 3
  • 37
  • 64

1 Answers1

1

I have this working: Uninstall Git; delete .gitconfig and git directory; Reinstall Git for Windows; Run git bash:

cd C:\Users\\{username}\\source\repos
git config --global http.sslVerify false
git clone https://repository_path_from_web_page

That cloned the repository and it can be seen in the Team explorer Changes/Pushes are working. I can now delete the repository and clone it using VS interface.

jlo-gmail
  • 4,453
  • 3
  • 37
  • 64
  • 1
    I have used the solution described here with Azure DevOps Server: https://stackoverflow.com/questions/11621768/how-can-i-make-git-accept-a-self-signed-certificate/49515609#49515609 – JukkaK May 15 '19 at 10:56
  • Doesn't that override ssl verification, thus opening a security risk? – Pinpin Jul 10 '20 at 14:47
  • Yes, but I can’t control the fact we use incorrect certain. In our case the cert comes from a server that cannot respond to chain validity checks – jlo-gmail Jul 10 '20 at 14:49