Unable to clone Git repository due to self signed certificate

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

症状

Git server is using self signed certificate and Fisheye/Crucible is unable to clone a Git repository.

atlassian-fisheye-<date>.log に次のメッセージが表示される。

2013-07-02 18:15:48,400 WARN  [InitialPinger2 ] fisheye IndexingPingRequest-doRequest - Exception during FishEye Incremental Indexing of Gitrepo: com.cenqua.fisheye.config.ConfigException: Unable to clone remote repository: https://fisheyeuser@git.server:8443/scm/test/gitrepo.git
 - [fatal: unable to access 'https://fisheyeuser:XXXX@git.server:8443/scm/test/gitrepo.git/': SSL certificate problem: self signed certificate in certificate chain]
 - Cloning into bare repository 'clone'...

原因

Git client in Fisheye/Crucible server performs verification on the SSL certificate and stops the process if it is unknown.

回避策

#1 Disable SSL verification while running the git clone

git -c http.sslVerify=false clone <repository-name>

(info) This is safer once it only disables SSL for this particular command execution.


#2 Disable Git SSL verification in the server hosting Fisheye/Crucible with the following commands:

git config --global http.sslVerify false

(warning) Please be advised disabling SSL verification globally might be considered a security risk and should be implemented only temporary.



ソリューション

  1. Import the Git server self signed certificate into Fisheye/Crucible server according to Unable to connect to SSL services due to "PKIX Path Building Failed" error
  2. Configure the Git client in Fisheye/Crucible server to refer to the cacerts that have the imported certificate:

    git config --system http.sslCAPath /path/to/cacerts
  3. Restart Fisheye/Crucible server

最終更新日 2021 年 11 月 30 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.