$ git pull origin master
fatal: unable to access 'https://xxxxxxxxxxxxxxx':
error setting certificate verify locations:
CAfile: C:/Users/abc/AppData/Local/Programs/Git/usr/bin/curl-ca-bundle.crt
CApath: none
I am getting this error when I pull or push my code.
Please guide me to fix this.
CodeWizard
121k21 gold badges138 silver badges162 bronze badges
asked Dec 29, 2015 at 11:26
4
When using https you will need to supply password or using a certificate.
In your case looks like the certificate is not a valid one.
Try fixing it like this by telling git where to find the certificate:
// Add the certificate to your configuration file
git config --system http.sslcainfo "C:Program Files (x86)gitbincurl-ca-bundle.crt"
Alternatively, you could disable SSL checks:
// or switch off SSL checks completely by executing:
git config --system http.sslverify false
Set this in your config to disable it only for the given url and not for all requests
[http "https://weak.example.com"]
sslVerify = false
http.sslVerify
Whether to verify the SSL certificate when fetching or pushing over HTTPS.
http.sslCAInfo
File containing the certificates to verify the peer with when fetching or pushing over HTTPS
answered Dec 29, 2015 at 11:31
CodeWizardCodeWizard
121k21 gold badges138 silver badges162 bronze badges
7
I once had the same problem. My problem occured after re-installing git for windows. I’m using git for windows 64-bit on windows 10.
I found out that the installer did not install git anymore in C:/Users/[USER_NAME]/AppData/Local/Programs/Git. Instead it installed it under
C:Program FilesGit.
Nevertheless the old config file C:ProgramDataGitconfig was not edited by the installer. This file still contains the old path so I edited it manually.
E.g. on my system I used
[http]
sslCAInfo = C:/Programme/Git/mingw64/ssl/certs/ca-bundle.crt
maybe you will have to use Program Files instead
sslCAInfo = C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt
EDIT
Like DS said in his comment
C:ProgramDataGitconfig needs to be edited as Administrator.
E.g. right click on notepad and select «Run as Administrator» then open the file.
answered Dec 29, 2015 at 11:42
René LinkRené Link
46.4k13 gold badges105 silver badges134 bronze badges
3
I was also facing this problem in windows and running git using gitbash. I just reinstalled gitbash, And gitbash automatically managed git certificate and its path needed.
answered Dec 29, 2015 at 12:14
3
In version 2.x of git-bash The path to the .crt has changed to ../Git/mingw64/ssl/certs/ca-bundle.crt. I had to update this manually in git-bash with
git config --global http.sslcainfo "/path/to/Git/mingw64/ssl/certs/ca-bundle.crt"
answered Apr 13, 2016 at 20:23
stitelerstiteler
1411 silver badge2 bronze badges
1
Try this
git config --system http.sslcainfo "C:Program Files (x86)gitbincurl-ca-bundle.crt"
or
Switch off your SSL by running this command
git config --system http.sslverify false
answered Dec 29, 2015 at 11:32
Prabu GunaPrabu Guna
3441 gold badge3 silver badges14 bronze badges
2
This issue might occur when git client is not able to find trusted CA for ssl. If you are in windows, try reinstalling it from https://gitforwindows.org/.
During the installation, select «Use the native Windows Secure Channel library» option.
That option will allow you to use your company’s internal Root CA certificate instead of default ca-bundle.crt
answered Jul 8, 2021 at 18:55
git config --global http.sslverify "false"
- will solve the problem
after that Pop-up window appear to enter your username and password
make sure valid .
answered Sep 13, 2017 at 19:46
0
If your git version is 2.8.1.windows.1,this may help you.
First , you need to locate your git home directory,mine is D:SDKGit.Just in the same directory,you can find folder «usr»,open it and goes to sslcerts,you can find the certificate:ca-bundle.crt.
Then open console,execute:
git config --system http.sslcainfo "D:SDKGitusrsslcertscabundle.crt"
answered Dec 9, 2016 at 14:54
This will do the work while moving from GIT 2.x clients to 2.5.x:
Looks like after installing a new version of GIT client, it changes the path it looks for certificates from something like this:
C:Program FilesGitmingw64
to something like this:
C:Program FilesGitmingw64libexec
To fix this, just copy the ‘ssl’ folder to the new location and it’ll work like a charm!
answered Oct 31, 2017 at 14:50
Naor BarNaor Bar
1,86319 silver badges15 bronze badges
0
Go your git directory and move the mingw64/ssl folder to mingw64/libexec/ssl
answered Jul 27, 2018 at 12:07
1
This thread is a lot of blind-leading-the-blind answers.
I’m just one more blind man here, but I just had the same issue and solved it by following this easy article. As I understand the original question, git is trying to find an SSL cert file in order to use the HTTPS protocol, and failing to find the file. Most of the answers here seem to focus on «well, just disable SSL then,» rather than replacing the file correctly.
This incantation should generate the cert file and put it in the correct location for git on cygwin:
$ curl -sL http://ca.pdinc.us > /etc/pki/ca-trust/source/anchors/ca.pdinc.us.pem
&& update-ca-trust
In case you monkeyed with your git config (like I did) and need to set it BACK, this should do it:
$ git config --global http.sslcainfo "/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt"
One other side note which could be impacting many of the people reading this thread: The expected location of the cert file depends on which git executable you’re running. Since we’re talking about Cygwin, some (most?) of us probably have a Windows-native flavor of git installed too. If your Cygwin paths are set up to find the Windows git executable, your mileage may vary in terms of where to point the http.sslcainfo configuration. To check which executable is getting picked up for you:
$ which git
answered May 31, 2019 at 4:45
I was having this problem after installing devel packages on cygwin.
I tried all of the fixes in this thread but nothing was working.
Then, I ran into this thread on github
I found where CAPATH was being specified in gitconfig, and I deleted that https specification, and it solved my issue.
Vega
27.1k27 gold badges91 silver badges98 bronze badges
answered Feb 17, 2019 at 7:29
I got the same problem after my latest update of cygwin after installing Windows 10.
The command update-ca-trust failed during installation.
The reason seem to be that the group owner for the certificate folder was corrupt.
The somewhat drastic solution was to delete /etc/group, it turned out that cygwin is able to ask windows directly about group rights.
Solution found at http://zaunerc.blogspot.se/2016/01/cygwin-mapping-windows-sids-to-posix.html
answered Jun 3, 2016 at 14:38
BimmeBimme
1272 silver badges12 bronze badges
1
I found the ssl certificate at :
C:Users[USERNAME]AppDataLocalGitHubPortableGit_[portable code]usrsslcerts
then you can follow solution by CodeWizard i.e. :
// Add the certificate to your configuration file
git config --system http.sslcainfo "[LOCATION_SPECIFIED_ABOVE]/cabundle.crt"
answered Oct 16, 2016 at 14:11
Current Git for Windows build (2.18.0.windows.1) has a bug — if the http.sslcainfo is not set it expects to find the certificate store in C:/Program Files/Git/mingw64/libexec/ssl/certs/ca-bundle.crt.
Certificate store is actually installed to C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt so to fix that you must specify the proper path.
Furthermore, the SCHANNEL implementation is also broken in this build.
Finally, Git credential manager is also broken because if you have CI/CO credentials stored from gitlab-runner installation it will fail to clone/push/pull with access denied error instead of prompting for different credentials.
answered Jul 28, 2018 at 9:00
I had previously installed git, then uninstalled it.
So for me was as simple as reinstalling the correct version of git (for me win x64) from
https://git-scm.com/download/win
answered Sep 11, 2020 at 5:05
MemeDeveloperMemeDeveloper
6,3632 gold badges41 silver badges58 bronze badges
Using Intellij and git-sdk-64, and picked git-sdk-64mingw64bingit.exe at first to be getting this issue, then when switched to git-sdk-64cmdgit.exe it figured the cert file location alone and no other configuration was needed. (have not used git config --global http.sslcainfo ...)
answered May 5, 2016 at 18:52
arntgarntg
1,49714 silver badges12 bronze badges
I have found the following steps useful in fixing the issue at my end for Windows 10:
Doing an uninstall of git.
However, git uninstaller doesn’t do a clean job. So you may need to go delete the Git directory at C:Users[My name]AppDataLocalPrograms
After this, a fresh install of git should install install it in the C:Program FilesGit directory where the config file points to in order to read the ssl certificate.
answered Jun 13, 2016 at 22:50
I had the same error and I fixed it reinstalling git in the default path:
C:Program FilesGit
That’s all
answered Jul 19, 2016 at 10:51
I’ve got the same error message but in my case it was because I’ve changed github settings to use ssh instead of https.
And the repository with the problem was cloned with https after removing the remote and re-adding it with ssh it’s working as expected.
$git remote remove origin
$git remote add origin git@github.com:UserName/repo.git
Then git remote show origin is correctly showing the remote.
answered Aug 2, 2016 at 20:18
AWolfAWolf
8,6905 gold badges32 silver badges39 bronze badges
1
I got the same error in Windows 7. Found that the certificate path referred in the error was not existing. Instead of …mingw32usrssl… the cert file was in …mingw2ssl…
So I created a usr folder manually and moved the entire ssl tree into usr. This fixed the issue.
answered Aug 9, 2016 at 14:38
I ran into the same error message but while cloning a github repository, unfortunately setting the http.sslcainfo didnt quite help. As I happened to be behind a corporate proxy server, setting the http.proxy fixed it for me.
answered Feb 8, 2018 at 22:59
Shreyas MuraliShreyas Murali
4262 gold badges8 silver badges14 bronze badges
Содержание
- Name already in use
- LetsHack / howto / GIT-SSL-Issues.md
- error setting certificate verify locations #1484
- Comments
- Bitbucket Support
- Knowledge base
- Products
- Jira Software
- Jira Service Management
- Jira Work Management
- Confluence
- Bitbucket
- Resources
- Documentation
- Community
- Suggestions and bugs
- Marketplace
- Billing and licensing
- Viewport
- Confluence
- SSL certificate problem: Unable to get local issuer certificate
- Related content
- Still need help?
- Problem
- Cause
- Resolution
- Resolution #1 — Self Signed certificate
- Resolution #2 — Default GIT crypto backend
- SSL certificate problem: self signed certificate in certificate chain #646
- Comments
- Error: server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
- Problem
- Analysis
- Solution
- Solution 1
- Solution 2
- Solution 3
Name already in use
LetsHack / howto / GIT-SSL-Issues.md
- Go to file T
- Go to line L
- Copy path
- Copy permalink
Copy raw contents
Copy raw contents
Fixing Git SSL Certificate Issues
Git use SSL extensively to ensure that communication between the Git client and the Git server is encrypted preventing MITM or Man In The Middle Attacks. However this can also cause issues when you’ve setup your own Git server and generate a self signed certificate. We’ve also seen these issues arise when using Git on Windows.
In this short howto we will look at fixing the GIT SSL issues that’s regularly encountered while using windows.
What Do The Errors Look Like
- You should not have these issues if developing code on Linux or Raspbian on the Raspberry Pi.
- The SSL issues can also crop up when trying to commit code into the master repo at Github from your local windows repository.
- Here’s what the error might look like —
There are a few different approaches to sort this out. Let’s look at both of them below.
Option 1 : Turn off Git SSL Verification
- You can stop the Git client from verifying your servers certificate and to trust all SSL certificates you use with the Git client.
- This has it’s own security risks as you would not be warned if there was a valid problem with the server you are trying to connect to.
- That said, it’s the quickest and easiest fix for a non trusted server certificate.
- Simply run the below git command on your Git client.
bash# git config —global http.sslVerify false
Option 2 : Tell Git Where Your Certificate Authority Certificates Are Located
- Another option is to point your Git client towards a folder that contains the Certificate Authority certificate that was used to sign your Git server’s SSL certificate.
- You may not have one of these if you’re using Self Signed certificates.
- Save the CA certificate to a folder on your Git client and run the following git command to tell your Git client to use it when connecting t the server:
bash# git config —system http.sslCAPath /git/certificates
Hope either of the above approaches have helped you fix your git SSL issue.
Источник
error setting certificate verify locations #1484
Hi,
I’m trying to follow the windows install instructions here:
http://npmjs.org/doc/README.html#Installing-on-Windows-Experimental
The install git link is dead so I hay have missed something but I installed git and got to:
git clone —recursive git://github.com/isaacs/npm.git
which gives the following error
Cloning into node_modules/abbrev.
error: error setting certificate verify locations:
CAfile: bincurl-ca-bundle.crt
CApath: none
while accessing https://github.com/isaacs/abbrev-js.git/info/refs
fatal: HTTP request failed
The text was updated successfully, but these errors were encountered:
Updated the instructions already. git config —system http.sslcainfo /bin/curl-ca-bundle.crt should make it work.
git config —global http.sslverify «false» will solve the problem
Thanks a ton . I also had the same problem and got that solved with the command you shared just now.Thanks a lot !!
Wow. Thanks @DedrickEnc worked like charm
It should be noted @DedrickEnc’s «solution» turns off the ssl verification and is a «work around» not a solution to the problem.
Thanks good response!
@DedrickEnc thanks ,your advice work !
@DedrickEnc, Thanks very much from Kiev!
@DedrickEnc You saved my hours. Thanks Man..
@DedrickEnc that worked, thanks!
@DedrickEnc, Thanks you so much!
@DedrickEnc , Thanks, but, what that command mean? Not clear why it work?
DedrickEnc’s response will work but it is ill advised to disable all SSL verification, you can specify specific paths to disable:
DISABLE ALL SSL
// or switch off ALL SSL checks completely by executing:
git config —system http.sslverify false
OR
//Set this in your config to disable it only for the GIVEN url and not for all requests
[http «https://weak.example.com»]
sslVerify = false
Also for me, the cert was just randomly in the wrong place. I made a dummy path to where my terminal thought my cert was, and copied and pasted my cert in there (in my case:
Источник
Bitbucket Support
Knowledge base
Products
Jira Software
Project and issue tracking
Jira Service Management
Service management and customer support
Jira Work Management
Manage any business project
Confluence
Bitbucket
Git code management
Resources
Documentation
Usage and admin help
Answers, support, and inspiration
Suggestions and bugs
Feature suggestions and bug reports
Marketplace
Billing and licensing
Frequently asked questions
Viewport
Confluence
SSL certificate problem: Unable to get local issuer certificate
Related content
Still need help?
The Atlassian Community is here for you.
Platform Notice: Cloud, Server, and Data Center — This article applies equally to all platforms .
Problem
The following is seen on the command line when pushing or pulling:
SSL Certificate problem: unable to get local issuer
Cause
There are two potential causes that have been identified for this issue.
- A Self-signed certificate cannot be verified.
- Default GIT crypto backend (Windows clients)
Resolution
Resolution #1 — Self Signed certificate
Workaround
Tell git to not perform the validation of the certificate using the global option:
Please be advised disabling SSL verification globally might be considered a security risk and should be implemented only temporarily
Resolution — Client Side
Please notice that we refer to the Certificate Authority in this article by the acronym CA.
There are several ways this issue has been resolved previously. Below we suggest possible solutions that should be run on the client side:
- Ensure the root cert is added to git.exe’s certificate store. The location of this file will depend on how/where GIT was installed. For instance, the trusted certificate store directory for Git Bash is C:Program FilesGitmingw64sslcerts. This is also discussed on this Microsoft blog.
Tell Git where to find the CA bundle, either by running:
where /absolute/path/to/git/certificates is the path to where you placed the file that contains the CA certificate(s).
or by copying the CA bundle to the /bin directory and adding the following to the gitconfig file:
Ensure that the complete certificate chain is present in the CA bundle file, including the root cert.
Resolution — Server Side
This issue can also happen on configurations where Bitbucket Server is secured with an SSL-terminating connector rather than a proxy
- Ensure that the Java KeyStore has the entire certificate chain (Intermediate CA and Root CA)
- View the Certificate Chain Details inside the KeyStore using a tool like the KeyStore Explorer to check
Resolution #2 — Default GIT crypto backend
When using Windows, the problem resides that git by default uses the «Linux» crypto backend, so the GIT operation may not complete occasionally. Starting with Git for Windows 2.14, you can configure Git to use SChannel, the built-in Windows networking layer as the crypto backend. To do that, just run the following command in the GIT client:
This means that it will use the Windows certificate storage mechan ism and you don’t need t o explicitly configure the curl CA storage ( http.sslCAInfo ) mechanism.
The following is seen on the command line when pushing or pulling: SSL Certificate problem: unable to get local issuer. This error occurs when a self-signed certificate cannot be verified.
Источник
SSL certificate problem: self signed certificate in certificate chain #646
I am unable to push to git. I see that there have been changes and I’ve been upgrading to catch up, but I’m really stuck. I’m sorry to post this, I’ve been trying to figure it out.
$ git —version
git version 2.17.0.windows.1 // 64 bit
$ git credential-manager version
Git Credential Manager for Windows version 1.16.0
git push origin master
fatal: unable to access ‘https://github.com/Synaccord/synaccord.git/’: SSL certificate problem: self signed certificate in certificate chain
This use to work, but I understand github has gotten more strict about SSL. Fine. But I can’t seem to delete the old certificate and create a new one.
On Windows 10 (Home Version 1709 OS Build 16299.431) when I go to Settings and search for «Credential» I see «Credential Manager», «Manage Windows Credentials», and «Manage Web Credentials». When I click on «Credential Manager» (or any of the three) the list disappears and I’m back to the search option. Has credential management been removed from windows?
git credential-manager ‘delete https://github.com/Synaccord/synaccord.git/
It returns no error, and has no effect on the git push
git config —list //filtered
http.sslcainfo=C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt
http.sslbackend=openssl
credential.usehttppath=true
credential.helper=manager
http.sslbackend=openssl
credential.manager=—version
I’m stuck. Any ideas would be appreciated.
The text was updated successfully, but these errors were encountered:
Источник
Error: server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
Problem
When accessing a Git server (pushing or pulling new commits), we get an error:
Analysis
Apparently, the certificate of your Git server is not trusted.
This usually happens if the Git server is using a self-signed SSL certificate, a Let’s Encrypt certificate (which gets renewed every at least 3 months) or simply because the certificate is expired.
BEWARE: This error might also mean that the Git server’s certificate is forged!
Solution
There are basically 3 solutions to this issue:
- Turning off the SSL cert check – fast with a possible security risk
- Appending a certificate to the system wide trusted ones – requires a bit of effort but more proper
- Adding the certificate to the
Solution 1
The first “fast & dirty” solution is simply to disable the SSL certificate check. There are two approaches to achieve this:
First: By setting the GIT_SSL_NO_VERIFY environment variable by executing the following command:
You can set this also in your shell startup script (i.e.
/.bashrc in case of Bash).
Setting GIT_SSL_NO_VERIFY=true will apply to all repos you are using.
If you want to turn off SSL checks only for some repos you can prefix your command with GIT_SSL_NO_VERIFY=true, for example:
Second: By setting the http.sslVerify config value of the repo to false, like this:
This will disable SSL certificate check for a specific repo only.
WARNING: Please note that by turning SSL checks off you are exposing yourself to a possible security risk. While your connection will be SSL encrypted, the SSL certificate might be forged.
You can also disable SSL checking for all repos:
There is a -c switch which enables specific configuration parameter to be passed to git when cloning a repo:
If one wants to disable SSL checks for one specific git server hosting several repositories, one can run :
This should add the setting to the user’s configuration.
Solution 2
Add the certificate to the list of trusted certificates. Follow this:
1. Retrieve the certificate
Replace YOUR_HOST with the hostname or IP of your Git server.
2. Copy the certificate between and including the following enclosing tags:
3. Append the certificate to the file:
This file can have other locations too. Determine the location of the ca-certificates.crt file by running:
Or to automatize create a script shown below. Do not forget to replace YOUR_HOST with the hostname or IP of your Git server in the script.
As a prerequisite you might need to install the libcurl4-openssl-dev package:
Solution 3
One can add a certificate to trusted ones by adding the following into
where file.pem must contain a certificate either retrieved as described in Solution 2 or a self-signed one.
Or one can disable certificate verification by adding to
represents the user’s home directory.
Lastly one can disable SSL cert checks for a specific server:
Источник
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and
privacy statement. We’ll occasionally send you account related emails.
Already on GitHub?
Sign in
to your account
Closed
lookfwd opened this issue
Jul 4, 2017
· 40 comments
Comments
Getting this error while cloning the book:
C:Usersme> git clone https://github.com/scalingexcellence/scrapybook.git
Cloning into 'scrapybook'...
fatal: unable to access 'https://github.com/scalingexcellence/scrapybook.git/':
error setting certificate verify locations:
CAfile: C:Program FilesGitmingw64/bin/curl-ca-bundle.crt
CApath: none
Copy link
Collaborator
Author
A temporary fix is to use GIT_SSL_NO_VERIFY to disable ssl checking.
set GIT_SSL_NO_VERIFY=true
git clone...
lucasbugnon, ElMoatamidOussama, Gelberm, KA24956T, ravi23796, dflo, LuizFelipe2mn, jkhere, xywang-talend, adiljamal007, and 60 more reacted with thumbs down emoji
SashaShoka reacted with confused emoji
Installing Git again fix this error in my case.
guptavibhor, abhipinapaka, ravi23796, adiljamal007, carlosdagos, susenmaharjan, selvin-joseph, andrewpareles, rahulnagavalli, Isaacbelo, and 16 more reacted with thumbs down emoji
git config --global http.sslverify "false"
This command resolve my problem
KA24956T, ravi23796, splinter89, dflo, adiljamal007, process0, carlosdagos, orgi, leonheess, carpenterjc, and 40 more reacted with thumbs down emoji
dcworldwide, PeterWippermann, adiljamal007, kuaidaili-dev, eperez86, liangkai, lmw123, FerAnimaciones, hisigns, navgarg, and 13 more reacted with laugh emoji
susenmaharjan, eperez86, liangkai, lmw123, gonghs, MrJavaScript1990, Myung5, peppard102, JElfferich, THEBEAST310, and 12 more reacted with hooray emoji
adiljamal007, AlexanderTang, aminechir, JRunnerL, leinad87, unrealcznyui, oxydonth, patheard, and ulysses-ck reacted with confused emoji
eperez86, liangkai, lmw123, FerAnimaciones, Myung5, Manamw2, navgarg, peppard102, JElfferich, Thejaswi1405, and 33 more reacted with heart emoji
Utkarsh-Gangal, mkltaneja, z3n3x, LiuYinglovecode, rxa271, Maxython, ulysses-ck, artyom12211, luzixiao, ScareTrow, and 2 more reacted with rocket emoji
eperez86, FerAnimaciones, NoBrainer, danghieuliem, ulysses-ck, lcan520, and Apteryx009 reacted with eyes emoji
still i am getting same error
git config --global http.sslverify "false"
This command resolve my problem
why it came what was the problem
why i need to use this command
why i need to use this command
It disables verification for all certificates.
Got the same issue, used SSH public key…more convenient for lazy dudes like me 
besides, cannot update Git client on my NAS in an easy way
It’s a better solution to get the ca-bundle.crt file and update the git config to use it with:
git config http.sslCAinfo "/path/to/ca-bundle.crt"
llMaximll and EdwinWalela reacted with hooray emoji
Bouriga, Leya555, bls61793, boro28, EdwinWalela, KingPegasus, shizzic, and lukasfichnaCGI reacted with heart emoji
@NoBrainer hey , I tried doing it . but it is not working . can you please help. still shows
CAfile: C:Program FilesGitmingw64/bin/curl-ca-bundle.crt
it is a mac OS.
@boiindo, it looks like you’re mixing Windows and UNIX-based path syntax. You probably want something more like:
git config http.sslCAinfo "/c/Program Files/Git/mingw64/bin/curl-ca-bundle.crt"
(Make sure you verify that the path is correct by doing something like: cd /c/Program Files/Git/mingw64/bin.)
@NoBrainer thanx for replying. I did notice the mixing of 2 syntax. Donot understand how a windows path is present in macos. tried searching for curl-ca-bundle, couldn’t find it. tried exporting certificates into a .pem file , but then get «fatal not in git directory» ( should i add the file in the bin) . when trying to change the path with git config , it says no access.
Kindly help. Can I download certificates from somewhere (don’t know authentic places) and place it in the git directory ?
@boiindo, you’ll need to check inside of the directory where git is installed. For my Windows installation, it’s this: Git/mingw64/ssl/certs/ca-bundle.crt. I’m not sure where it installs it for Mac, but I assume you can find it in the installation directory. (If you do not find this, you probably have an outdated version of git, so you should reinstall it first.)
Thanks guys, the following has helped me to fix the issue:
git config —global http.sslverify «false»
NoBrainer, mariusingjer, joshfleming, dandiDrazard, ErickOF, Gimli05, scrambledheads, sxs1539, imonsheikh, devakishore, and mrakic-igt reacted with thumbs down emoji
git config --global http.sslverify "false"
This command resolve my problem
Thank you soo sooo much
I got frustrated because it wasn’t working , thank you!!!!!
@Erasmus24 & @pranavdj9, by turning off http.sslverify, you are treating the symptom instead of solving the problem. You should fix the certificate issue instead of downgrading your security. This is only acceptable when debugging or working with a prototype.
Well… I really don’t know how to fix that, I tried searching the internet… but didn’t find anything relatable. If you know how to do it, then pls tell me
I’ve just started using git bash, so I only know limited and basic commands
@pranavdj9, you need to find where ca-bundle.crt is located within the Git installation. If you can’t find it, you probably have to update/reinstall Git. Once you find the file, you can run: git config http.sslCAinfo "/path/to/ca-bundle.crt"
Thanks so much
I will definitely try it
Thanks Steve I really appreciate
…
On Sun, Oct 25, 2020 at 9:07 PM Steven Penny ***@***.***> wrote:
I had this problem as well. My issue was this file:
/usr/ssl/certs/ca-bundle.crt
if by default just an empty file. So even if it exists, youll still get the
error as it doesnt contain any certificates. You can generate them like
this:
p11-kit extract —overwrite —format pem-bundle /usr/ssl/certs/ca-bundle.crt
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#36 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AQM7RKSSX5U6OJUI2DDB4DDSMTKXLANCNFSM4DRWJ7IA>
.
I was getting the same error, and i resolved it with this steps:
- Unnistall Git from your PC, and remove the folder remained(Git/etc).
- Access your path variables and remove the git from all the users and the general path.
- Install git again running as admin.
While installing git I enabled the git credential manager. Weeell, I clicked next next next finish
without customizing anything. But when am pushing my code to my github account and am about to complete authentication by authorizing the git credential manager, am unable to because where am supposed to click has been disabled.
Helloooo, I got a solution to my problem an am happy. I was using Microsoft edge a my default browser and it had no certificates for verification. That is why the button «authorize git credential manager» was disabled. Thanks to me😊
One possible reason you’re getting that error is because this path C:Program FilesGitmingw64/bin/curl-ca-bundle.crt (which is the CA file path shown in the error message) is NOT where your curl-ca-bundle.crt is located.
I went into program files (file explorer) and found that my CA file was located at D:ProgramFiles(D)Gitmingw64sslcertsca-bundle.crt. I had installed Git on a different location than they expected.
To tell Git to run on the correct path, run: git config --system http.sslcainfo "YOUR PATH"
example:
git config --system http.sslcainfo "D:ProgramFiles(D)Gitmingw64sslcertsca-bundle.crt"
After that, go ahead and run the git clone / git push / ect. stuff! Looks like the post author’s next step is running git clone https://github.com/scalingexcellence/scrapybook.git
@pranavdj9, you need to find where
ca-bundle.crtis located within the Git installation. If you can’t find it, you probably have to update/reinstall Git. Once you find the file, you can run:git config http.sslCAinfo "/path/to/ca-bundle.crt"
i know this reply is late but i am having same issue on my windows laptop. can you please guide me through?
git config —global http.sslverify «false»
This solved my error, thanks so much
Thanks guys, the following has helped me to fix the issue:
git config —global http.sslverify «false»
When I use this, it says: error: could not lock config file C:/Users/Irene/.gitconfig: Permission denied
what can i solve it?
git config —global http.sslverify «false»
This command solve problem
git config --global http.sslverify "false"This command resolve my problem
My Problem is solved using this command.
Thanks JayaniSumudini 👍🏻
It’s a better solution to get the
ca-bundle.crtfile and update the git config to use it with:git config http.sslCAinfo "/path/to/ca-bundle.crt"
This is the line we all need, it works like a charm for me, but be sure to have only that line and not http.sslCApath and use --system to apply system-wide
Here is my command :
sudo git config --system http.sslCAinfo /usr/local/share/ca-certificates/zscaler.crt
Here is my file :
[http]
sslCAinfo = /usr/local/share/ca-certificates/zscaler.crt
Disabling ssl was not an option for me
Like other suggested. git config --system http.sslCAinfo "C:Program FilesGitmingw64sslcertsca-bundle.crt" — worked, just remember to run this command in Terminal opened with administrator privilege… I didn’t, I suffered for 20 minutes.
Did the command that supposedly fixes it, went through successfully. Yet I am still getting the same error, I am using portablegit and do not have administrative permissions on this PC. Any ideas?
I had this issue as well. Hopefully I’m not repeating an answer but I figured I’d document a cause. I had renamed the «User» folder where git was installed. I had already updated my $PATH variables but I didn’t update any git configs.
Old Directory T:*oldname*Gitmingw64sslcertsca-bundle.crt
New Directory T:*newname*Gitmingw64sslcertsca-bundle.crt
So I just used this like many others posted above:
git config --global http.sslCAInfo T:newnameGitmingw64sslcertsca-bundle.crt
in my case this was caused by my ca-bundle.crt was owned by the wrong user and not readable by others, chmod a+r ca-bundle.crt fixed it
For me it was another issue. Had a friend much more experienced with git then me help fix it. They fixed it by running
git config --global http.sslbackend schannelThey found it off of here: microsoft/Git-Credential-Manager-for-Windows#646
Solved it for me
After the upgrade to Fedora 27, I can’t clone urls using https anymore, ssh works fine. The error is:
fatal: unable to access ‘https://repo-url’: SSL certificate problem: unable to get local issuer certificate
I didn’t change anything and my /etc/pki directory is almost the same like the one of a friend who’s still using F26.
I already tried:
- reinstalling git (2.14.3-2.fc27)
- reinstalling ca-certificates (2017.2.16-4.fc27)
- setting the git option sslCaInfo to /etc/pki/tls/cert.pem
Any other ideas?
asked Dec 1, 2017 at 12:06
5
Here are my ideas (I’d suggest to try again after each step so you can stop when your problem is fixed):
- Reinstall git-core (because it contains the relevant component:
/usr/libexec/git-core/git-remote-https. I usedstraceanddnf providesto find that out) - Reinstall ca-certificates (Should be Version 2017.2.16)
- Go to
/etc/pki/ca-trust/extracted/pemand rename the filetls-ca-bundle.pem. (Warning: This will temporarily break most of your SSL stuff, do remember to rename it back to the original name later.) Does the output of yourgit clonechange? For me it reads:
fatal: unable to access 'https://github.com/some_git': error setting certificate verify locations:
CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none - Find all packages which git depends on with
sudo dnf repoquery --requires --resolve git(this may take some time) and reinstall them.
answered Dec 6, 2017 at 22:45
dreuadreua
2582 silver badges10 bronze badges
1
The error come from the other end (the repo-url). You doesn’t need any certificate on your side.
The repo webserver is miss-configured (often wrong order in chain certificates, or just wrong type). It try to get own certificate, in order to initialize the SSL connection, but it fail, and give back such error. The git just write out the error from server, so the confusing *local» is not from your point of view.
answered Dec 1, 2017 at 14:01
2