Unable to clone Git repository due to self signed certificate

Still need help?

The Atlassian Community is here for you.

Ask the community

Symptoms

Git server is using self signed certificate and Fisheye/Crucible is unable to clone a Git repository.

The following appears in the atlassian-fisheye-<date>.log:

2013-07-02 18:15:48,400 WARN  [InitialPinger2 ] fisheye IndexingPingRequest-doRequest - Exception during FishEye Incremental Indexing of Gitrepo: com.cenqua.fisheye.config.ConfigException: Unable to clone remote repository: https://fisheyeuser@git.server:8443/scm/test/gitrepo.git
 - [fatal: unable to access 'https://fisheyeuser:XXXX@git.server:8443/scm/test/gitrepo.git/': SSL certificate problem: self signed certificate in certificate chain]
 - Cloning into bare repository 'clone'...

Cause

Git client in Fisheye/Crucible server performs verification on the SSL certificate and stops the process if it is unknown.

Workaround

#1 Disable SSL verification while running the git clone

git -c http.sslVerify=false clone <repository-name>

(info) This is safer once it only disables SSL for this particular command execution.


#2 Disable Git SSL verification in the server hosting Fisheye/Crucible with the following commands:

git config --global http.sslVerify false

(warning) Please be advised disabling SSL verification globally might be considered a security risk and should be implemented only temporary.



Resolution

  1. Import the Git server self signed certificate into Fisheye/Crucible server according to Unable to connect to SSL services due to "PKIX Path Building Failed" error
  2. Configure the Git client in Fisheye/Crucible server to refer to the cacerts that have the imported certificate:

    git config --system http.sslCAPath /path/to/cacerts
  3. Restart Fisheye/Crucible server

Last modified on Nov 30, 2021

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.