How can I make git accept a self signed certificate?

git version-control https self-signed
Ian Vink picture Ian Vink · Jul 24, 2012 · Viewed 839.2k times · Source

Using Git, is there a way to tell it to accept a self signed certificate?

I am using an https server to host a git server but for now the certificate is self signed.

When I try to create the repo there for the first time:

git push origin master -f

I get the error:

error: Cannot access URL     
https://the server/git.aspx/PocketReferences/, return code 22

fatal: git-http-push failed

Answer

Christopher picture Christopher · Jul 24, 2012

To permanently accept a specific certificate

Try http.sslCAPath or http.sslCAInfo. Adam Spiers's answer gives some great examples. This is the most secure solution to the question.

To disable TLS/SSL verification for a single git command

try passing -c to git with the proper config variable, or use Flow's answer:

git -c http.sslVerify=false clone https://example.com/path/to/git

To disable SSL verification for a specific repository

If the repository is completely under your control, you can try:

git config --global http.sslVerify false

There are quite a few SSL configuration options in git. From the man page of git config:

http.sslVerify
    Whether to verify the SSL certificate when fetching or pushing over HTTPS.
    Can be overridden by the GIT_SSL_NO_VERIFY environment variable.

http.sslCAInfo
    File containing the certificates to verify the peer with when fetching or pushing
    over HTTPS. Can be overridden by the GIT_SSL_CAINFO environment variable.

http.sslCAPath
    Path containing files with the CA certificates to verify the peer with when
    fetching or pushing over HTTPS.
    Can be overridden by the GIT_SSL_CAPATH environment variable.

A few other useful SSL configuration options:

http.sslCert
    File containing the SSL certificate when fetching or pushing over HTTPS.
    Can be overridden by the GIT_SSL_CERT environment variable.

http.sslKey
    File containing the SSL private key when fetching or pushing over HTTPS.
    Can be overridden by the GIT_SSL_KEY environment variable.

http.sslCertPasswordProtected
    Enable git's password prompt for the SSL certificate. Otherwise OpenSSL will
    prompt the user, possibly many times, if the certificate or private key is encrypted.
    Can be overridden by the GIT_SSL_CERT_PASSWORD_PROTECTED environment variable.

Related questions

How do I undo the most recent local commits in Git?

I accidentally committed the wrong files to Git, but didn't push the commit to the server yet. How can I undo those commits from the local repository?

Read More
How do I delete a Git branch locally and remotely?

I want to delete a branch both locally and remotely. Failed Attempts to Delete a Remote Branch $ git branch -d remotes/origin/bugfix error: branch 'remotes/origin/bugfix' not found. $ git branch -d origin/bugfix error: branch 'origin/bugfix' not …

Read More
How do I force "git pull" to overwrite local files?

How do I force an overwrite of local files on a git pull? The scenario is the following: A team member is modifying the templates for a website we are working on They are adding some images to the images …

Read More