Linking SourceTree to Stash: The Certificate for This Server Is Invalid

Still need help?

The Atlassian Community is here for you.

Ask the community

Problem

SourceTree is trying to link to a Stash instance that is using a self-signed SSL certificate. Stash Git repositories themselves have been set to be clone-able by setting setenv GIT_SSL_NO_VERIFY 1 in /etc/launchd.conf

Also the public key for the self-signed certificate is present and trusted within the Mac OS X Keychain. As SourceTree's "Hosted Accounts" feature is used to link to the Stash instance, this does not seem to work due to a certificate trust issue. The following error message is displayed:

Stash API Call Failed
The certificate for this server is invalid. You might be connecting to a server that is pretending to be "stash.xxxxxx.com" which could put your confidential information at risk.

If the application is run from a command line to perform this step, the following error message is displayed in the terminal window:

2012-05-10 12:35:03.162 SourceTree[9209:60b] Stash call failed: Error Domain=SDNetDomain Code=3 "Connection returned NULL data" UserInfo=0x4004e7da0 {NSLocalizedDescription=Connection returned NULL data, NSUnderlyingError=0x40082c600 "The certificate for this server is invalid. You might be connecting to a server that is pretending to be "stash.xxxxxx.com" which could put your confidential information at risk."}

Cause

The certificate is self-signed and therefore not automatically trusted by the system.

Resolution

This self-signed certificate must be explicitly trusted. Details of how to do this can be found in the following guide: Resolving SSL Self-Signed Certificate Errors

Last modified on Feb 26, 2016

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.