How do I set GIT_SSL_NO_VERIFY for specific repos only?

I have to use a git server without proper certificates, but I don't want to have to do

env GIT_SSL_NO_VERIFY=true git command

every single time I do a git operation. But I would also like to leave SSL enabled for other git repositories. Is there a way to make this local to a single repo?

Answers


You can do

git config http.sslVerify false

in your specific repo to disable SSL certificate checking for that repo only.


Like what Thirumalai said, but inside of the cloned repository and without --global. I.e.,

  1. GIT_SSL_NO_VERIFY=true git clone https://url
  2. cd <directory-of-the-clone>
  3. git config http.sslVerify false

You can do as follows

For a single repo

git config http.sslVerify false

For all repo

git config --global http.sslVerify false

If you are on a Windows machine and have the Git installed, you can try the below steps:

  1. Go to the folder of Git installation, ex: C:\Program Files (x86)\Git\etc
  2. Edit the file: gitconfig
  3. Under the [http] section, add the line: sslVerify = false

    [http]
      sslVerify = false
    

In particular if you need recursive clone

GIT_SSL_NO_VERIFY=true git clone --recursive https://github.com/xx/xx.git

If you have to disable SSL checks for one git server hosting several repositories, you can run :

git config --bool --get-urlmatch http.sslverify https://my.bad.server false

(If you still use git < v1.8.5, run git config --global http.https://my.bad.server.sslVerify false)

Explanation from the documentation where the command is at the end, show the .gitconfig content looking like:

[http "https://my.bad.server"]
        sslVerify = false

It will ignore any certificate checks for this server, whatever the repository.

You also have some explanation in the code


There is an easy way of configuring GIT to handle your server the right way. Just add an specific http section for your git server and specify which certificate (Base64 encoded) to trust:

~/.gitconfig

[http "https://repo.your-server.com"]
# windows path use double back slashes
#  sslCaInfo = C:\\Users\\<user>\\repo.your-server.com.cer
# unix path to certificate (Base64 encoded)
sslCaInfo = /home/<user>/repo.your-server.com.cer

This way you will have no more SSL errors and validate the (usually) self-signed certificate. This is the best way to go, as it protects you from man-in-the-middle attacks. When you just disable ssl verification you are vulnerable to these kind of attacks.

https://git-scm.com/docs/git-config#git-config-httplturlgt


This works for me:

git init
git config --global http.sslVerify false
git clone https://myurl/myrepo.git

for windows, if you want global config, then run

git config --global http.sslVerify false

On Linux, if you call this inside the git repository folder:

git config http.sslVerify false

this will add sslVerify = false in the [http] section of the config file in the .git folder, which can also be the solution, if you want to add this manually with nano .git/config:

...
[http]
  sslVerify = false

Need Your Help

What is a vNext console application?

c# asp.net-core

I installed Visual Studio 2015 RC to try out the ASP.Net vNext templates. In the "Web" section, I have noticed a console application that appears as

change column header text on a JQuery Flexigrid?

jquery json flexigrid

I have a jquery flexigrid that I'm dynamically changing so that it displays different tabular data. I want, along with changing the data source (via the 'url' which I'm doing successfully), to cha...