Can't access Stash with Git - Issuer certificate is invalid
The following message is displayed when trying to
push to a Stash repository:
error: Issuer certificate is invalid. while accessing https://<USERNAME>@<STASH_HOST>:8443/ABC/test.git/info/refs fatal: HTTP request failed
You just added a self signed certificate to Stash and now your users are getting errors:
fatal: unable to access 'https://<username>@<stash_server>:<port>/<context>/scm/<project>/<repository>/': server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
The Stash certificate is not trusted by the
A very good article on the subject can be found here on Stack Overflow. In summary when you use a self signed certificate Git doesn't trust the certificate that is being sent to it. You can fix this in two ways:
- On each client system run:
git config --global http.sslVerify false
- The safer solution is to install the self signed server certificate on the git client machine.
I would suggest reviewing all of the answers and comments on that post as there are many competing opinions on the subject.
To be able to use a self-signed certificate do the following:
- Copy the Stash server's
certificate.pemfile to the git client's host.
- Convert the file into the
openssl x509 -
certificate.pem -out certificate.crt
- Now allow git to use this certificate by changing the user's git configuration file:
git config http.sslcainfo certificate.crt
All commands must be executed in the
<PATH> where the certificate was copied to.
Use a certificate that is signed by a Certificate Authority. These certificates are automatically trusted.