On Ubuntu, cloning a repo from a machine you don't have a certificate for will give the error:
fatal: unable to access 'https://servername': server certificate verification failed. CAFuile /etc/ssl/certs/your_filename CRLfile: None
You can work around this by tell git clone not to use the certificate e.g.
which is asking for trouble. However you can install the certificate, so you don't need to keep doing this.
git config --system http.sslverify falsewhich is asking for trouble. However you can install the certificate, so you don't need to keep doing this.
Using an answer here: https://stackoverflow.com/questions/21181231/server-certificate-verification-failed-cafile-etc-ssl-certs-ca-certificates-c looks to have worked, by trying things one step at a time:
hostname=gitlab.city.ac.uk
port=443
trust_cert_file_location=`curl-config --ca`
sudo bash -c "echo -n | openssl s_client -showcerts -connect $hostname:$port \
2>/dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' \
>> $trust_cert_file_location"
I did try this first – so errors don’t end up in dev null:
openssl s_client -showcerts -connect $hostname:$port
Also, I first got the error sed: unrecognised option '--ca'
It took a moment to realise the --ca came from curl-config, which I needed to install.
No comments:
Post a Comment