Can't access Stash with Git - Issuer certificate is invalid

Git のトラブルシューティング

このページの内容

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

症状

The following message is displayed when trying to push to a Stash repository:

error: Issuer certificate is invalid. while accessing https://<USERNAME>@<STASH_HOST>:8443/ABC/test.git/info/refs
fatal: HTTP request failed

You just added a self signed certificate to Stash and now your users are getting errors:

fatal: unable to access 'https://<username>@<stash_server>:<port>/<context>/scm/<project>/<repository>/': server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none

原因

The Stash certificate is not trusted by the git client.

回避策

A very good article on the subject can be found here on Stack Overflow. In summary when you use a self signed certificate Git doesn't trust the certificate that is being sent to it. You can fix this in two ways:

  1. On each client system run: git config --global http.sslVerify false
  2. The safer solution is to install the self signed server certificate on the git client machine.

I would suggest reviewing all of the answers and comments on that post as there are many competing opinions on the subject.

ソリューション

To be able to use a self-signed certificate do the following:

ソリューション 1

  • Copy the Stash server's certificate.pem file to the git client's host.
  • Convert the file into the X.509 format.
openssl x509 -in certificate.pem -out certificate.crt
  • Now allow git to use this certificate by changing the user's git configuration file: 

git config http.sslcainfo certificate.crt

(info) All commands must be executed in the <PATH> where the certificate was copied to.

ソリューション 2

Use a certificate that is signed by a Certificate Authority. These certificates are automatically trusted.

Last modified on Mar 30, 2016

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.