Turning off Git's https verification
I am testing an internal git repository hosted with a self-signed Apache cert.
Unfortunately, I can't manage to push to it without an error like so
error: gnutls_handshake() failed: A TLS warning alert has been received. while accessing https://url
I have performed the following settings:
[http] sslverify = false
And in the environment variable world:
declare -x CURLOPT_SSL_VERIFYHOST="0" declare -x GIT_CURL_VERBOSE="1" declare -x GIT_SSL_NO_VERIFY="true"
What else might be my problem?
Just as a reference for people having the same problem: it's very likely that this happens due to git using libcurl-gnutls3 version < 7.21.7 on old Debian and Ubuntu distros.
There was a bug in the library that made it misbehave at least when going through an HTTP proxy to reach a HTTPS website (either your own local proxy or a remote reverse proxy or a government's transparent proxy). The question doesn't state if the author was using a proxy or not but I strongly suspect the problem could be related if not the same. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559371
The fix is to either upgrade to a new distro that supports a fixed libcurl-gnutls3 version, rebuild it yourself, rebuild git to use libcurl-openssl (see https://askubuntu.com/questions/186847/error-gnutls-handshake-falied ) or... avoid using https
It could be that ServerName in your apache VirtualHost is not right. It should correspond to the certificate server name. To find out the reason of TLS alert I suggest running wireshark.
Make git use the HTTPS instead:
Assuming your self-signed certificate is:
Do the following:
openssl x509 -in /etc/ssl/certs/selfsigned.pem -out ~/certs/selfsigned.crt git config --global http.sslcainfo ~/certs/selfsigned.crt
I was having a similar problem. After populating the servername in apache config for virtualhost, this worked. while curl --cacert https..var.git works, git clone https:..var.git threw the error -
Cloning into 'var'... error: gnutls_handshake() failed: A TLS warning alert has been received. while accessing https://foo.server/var.git/info/refs fatal: HTTP request failed
one more thing you should do, is after you do
cd /var/www/var (var is the document root)
sudo git clone --bare ~foo/var sudo git update-server-info