I am using the GitGUI client on Windows 10 https://git-scm.com/downloads
Since i issued the global command (git config --global http.sslCAPath) i can now connect Here is the trace: $ git push -u origin master * Couldn't find host remcorpgit01.corp.group.local in the _netrc file; using defaults * timeout on name lookup is not supported * Trying 10.1.1.22... * Connected to remcorpgit01.corp.group.local (10.1.1.22) port 443 (#0) * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt CApath: none * NPN, negotiated HTTP1.1 * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 * ALPN, server did not agree to a protocol * Server certificate: * subject: C=NL; ST=Florida; L=Miami; O= International Inc.; OU=IT Team; CN=remcorpgit01.corp.group.local; [email protected] * start date: Jan 14 09:31:20 2016 GMT * expire date: Jan 11 09:31:20 2026 GMT * issuer: C=NL; ST=Florida; L=Miami; O= International Inc.; OU=IT Team; CN=remcorpgit01.corp.group.local; [email protected] * SSL certificate verify result: self signed certificate (18), continuing anyway. > GET /Bison/Test_Git_GUI.git/info/refs?service=git-receive-pack HTTP/1.1 Host: remcorpgit01.corp.group.local User-Agent: git/2.7.0.windows.1 Accept: */* Accept-Encoding: gzip Accept-Language: en-US, *;q=0.9 Pragma: no-cache < HTTP/1.1 401 Unauthorized < Server: nginx < Date: Thu, 14 Jan 2016 13:14:58 GMT < Content-Type: text/plain < Content-Length: 0 < Connection: keep-alive < Cache-Control: no-cache < Status: 401 Unauthorized < WWW-Authenticate: Basic realm="" < X-Request-Id: 2bd7c04b-7d74-49fe-b0f2-42b872f60679 < X-Runtime: 0.007080 < * Connection #0 to host remcorpgit01.corp.group.local left intact * Couldn't find host remcorpgit01.corp.group.local in the _netrc file; using defaults * Found bundle for host remcorpgit01.corp.group.local: 0xa001e0 * timeout on name lookup is not supported * Hostname remcorpgit01.corp.group.local was found in DNS cache * Trying 10.1.1.22... * Connected to remcorpgit01.corp.group.local (10.1.1.22) port 443 (#1) * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt CApath: none * SSL re-using session ID * NPN, negotiated HTTP1.1 * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 * ALPN, server did not agree to a protocol * Server certificate: * subject: C=NL; ST=Florida; L=Miami; O= International Inc.; OU=IT Team; CN=remcorpgit01.corp.group.local; [email protected] * start date: Jan 14 09:31:20 2016 GMT * expire date: Jan 11 09:31:20 2026 GMT * issuer: C=NL; ST=Florida; L=Miami; O= International Inc.; OU=IT Team; CN=remcorpgit01.corp.group.local; [email protected] * SSL certificate verify result: self signed certificate (18), continuing anyway. > GET /Bison/Test_Git_GUI.git/info/refs?service=git-receive-pack HTTP/1.1 Host: remcorpgit01.corp.group.local User-Agent: git/2.7.0.windows.1 Accept: */* Accept-Encoding: gzip Accept-Language: en-US, *;q=0.9 Pragma: no-cache < HTTP/1.1 401 Unauthorized < Server: nginx < Date: Thu, 14 Jan 2016 13:15:14 GMT < Content-Type: text/plain < Content-Length: 0 < Connection: keep-alive < Cache-Control: no-cache < Status: 401 Unauthorized < WWW-Authenticate: Basic realm="" < X-Request-Id: 51d0257c-aa2c-4fd1-b842-6a575b0c944e < X-Runtime: 0.261463 < * Connection #1 to host remcorpgit01.corp.group.local left intact * Issue another request to this URL: 'https://remcorpgit01.corp.group.local/Bison/Test_Git_GUI.git/info/refs?service=git-receive-pack' * Couldn't find host remcorpgit01.corp.group.local in the _netrc file; using defaults * Found bundle for host remcorpgit01.corp.group.local: 0xa001e0 * Re-using existing connection! (#1) with host remcorpgit01.corp.group.local * Connected to remcorpgit01.corp.group.local (10.1.1.22) port 443 (#1) * Server auth using Basic with user 'Bison' > GET /Bison/Test_Git_GUI.git/info/refs?service=git-receive-pack HTTP/1.1 Host: remcorpgit01.corp.group.local Authorization: Basic dGNhcGFjY2k6cEBzc3cwcmQ= User-Agent: git/2.7.0.windows.1 Accept: */* Accept-Encoding: gzip Accept-Language: en-US, *;q=0.9 Pragma: no-cache < HTTP/1.1 200 OK < Server: nginx < Date: Thu, 14 Jan 2016 13:15:14 GMT < Content-Type: application/x-git-receive-pack-advertisement < Content-Length: 179 < Connection: keep-alive < Cache-Control: no-cache < * Connection #1 to host remcorpgit01.corp.group.local left intact Counting objects: 3, done. Writing objects: 100% (3/3), 222 bytes | 0 bytes/s, done. Total 3 (delta 0), reused 0 (delta 0) * Couldn't find host remcorpgit01.corp.group.local in the _netrc file; using defaults * Found bundle for host remcorpgit01.corp.group.local: 0xa001e0 * Re-using existing connection! (#1) with host remcorpgit01.corp.group.local * Connected to remcorpgit01.corp.group.local (10.1.1.22) port 443 (#1) * Server auth using Basic with user 'Bison' > POST /Bison/Test_Git_GUI.git/git-receive-pack HTTP/1.1 Host: remcorpgit01.corp.group.local Authorization: Basic dGNhcGFjY2k6cEBzc3cwcmQ= User-Agent: git/2.7.0.windows.1 Accept-Encoding: gzip Content-Type: application/x-git-receive-pack-request Accept: application/x-git-receive-pack-result Content-Length: 384 * upload completely sent off: 384 out of 384 bytes < HTTP/1.1 200 OK < Server: nginx < Date: Thu, 14 Jan 2016 13:15:15 GMT < Content-Type: application/x-git-receive-pack-result < Content-Length: 52 < Connection: keep-alive < Cache-Control: no-cache < * Connection #1 to host remcorpgit01.corp.group.local left intact To https://remcorpgit01.corp.group.local/Bison/Test_Git_GUI.git * [new branch] master -> master Branch master set up to track remote branch master from origin. On Thursday, January 14, 2016 at 1:54:17 PM UTC+1, Konstantin Khomoutov wrote: > > On Thu, 14 Jan 2016 02:17:07 -0800 (PST) > Bison Ravi <[email protected] <javascript:>> wrote: > > > I have setup Git/GitLab on Debian 7.7 > > I have configured GitLab for SSL. > > > > Now i am trying to connect to my Git project with GitGUI for Windows > > and i receive the following error: > > > > fatal: unable to access > > 'https://git.corp.group.local/bravi/project_test2.git/': SSL > > certificate problem: self signed certificate > > I bet this error comes from the client-side Git instance, so your steps > (1) and (2) have no sense as the server has nothing to do with it. > > > I have read a couple of posts about that issue and tried this command: > > > > 1. git config --system http.sslCAPath /etc/gitlab/ssl. The path > > above contains the Self-Signed certificate i have created for use > > with Gitlab. > > 2. I also copied the crt file to ca-certifcates and ran the below > > command to add the CA as Trusted on the Git server > > > > cp /etc/gitlab/ssl/remcorpgit01.corp.remarkgroup.local.crt > > /usr/share/ca-certificates/ > > dpkg-reconfigure ca-certificates > > > > 3. I have installed the certificate on my local machine > > (Windows client) in the Trusted Root Certificate store > > This step is logically correct; unfortunately, it won't help: Git uses > libCURL for implementation of HTTP[S] transport, and that one is built > (assuming you're using Git for Windows as you tell us exactly zero > information about your client setup) to use a Windows port of the > OpenSSL library to provide SSL/TLS support. OpenSSL knows nothing > about Windows certificate storage and uses a special plain-text file or > a directory to look up its certificates (both client and CA). > > From there, you can explore two venues: > > * Run your Git client while having GIT_TRACE=1 and GIT_CURL_VERBOSE=1 > in the environment, like this: > > C:\> set GIT_TRACE=1 > C:\> > C:\> set GIT_CURL_VERBOSE=1 > C:\> > C:\> git fetch https://... > C:\> > > This will make your Git client extra-chatty about what's going on. > libCURL parts should print out what resources were used to look for > certificates. > > * Run `git help config` and read up on the http.ssl* group of settings > (just search for the string "http.ssl" in the manual page). > Some of them control places Git forces on libCURL/OpenSSL to use for > certificate lookups. > -- You received this message because you are subscribed to the Google Groups "Git for human beings" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
