Unable to clone Git repository due to self signed certificate

[Origin]: https://confluence.atlassian.com/bitbucketserverkb/resolving-ssl-self-signed-certificate-errors-806029899.html

Symptoms

Git server is using self signed certificate and FishEye/Crucible unable to clone the Git repository.

The following appears in the atlassian-fisheye-<date>.log:

2013-07-02 18:15:48,400 WARN  [InitialPinger2 ] fisheye IndexingPingRequest-doRequest - Exception during FishEye Incremental Indexing of Gitrepo: com.cenqua.fisheye.config.ConfigException: Unable to clone remote repository: https://fisheyeuser@git.server:8443/scm/test/gitrepo.git
 - [fatal: unable to access 'https://fisheyeuser:XXXX@git.server:8443/scm/test/gitrepo.git/': SSL certificate problem: self signed certificate in certificate chain]
 - Cloning into bare repository 'clone'...

Cause

Git client in FishEye/Crucible server perform verification on the SSL certificate and stop the process if it is unknown.

Workaround

Disable Git SSL verification in the server hosting FishEye/Crucible with the following commands:

git config --global http.sslVerify false

Resolution

1. Import the Git server self signed certificate into FishEye/Crucible server according to PKIX Path Building Failed - Cannot Set Up Trusted Applications To SSL Services
2. Configure the Git client in FishEye/Crucible server to refer to the cacerts that have the imported certificate: 

git config --system http.sslCAPath /path/to/cacerts

3. Restart FishEye/Crucible server

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s