Code
2023-11-17 10:00:05

SSL证书拒绝尝试通过防火墙后的HTTPS访问GitHub

我被困在防火墙后面,所以必须使用HTTPS访问我的GitHub存储库。我在Windows XP上使用cygwin 1.7.7。

我试过把遥控器设置为https://username@github.com/username/ExcelANT.git,但按下输入密码的提示,但输入后没有任何反应。 https://username:<密码>github.com/username/ExcelANT.git和克隆空回购从零开始,但每次它给我同样的错误

错误:SSL证书有问题,请检查CA证书是否正确。细节: SSL例程:SSL3_GET_SERVER_CERTIFICATE:访问https://github.com/username/ExcelANT.git/info/refs时证书验证失败

打开GIT_CURL_VERBOSE=1会给我

* About to connect() to github.com port 443 (#0) * Trying 207.97.227.239... * successfully set certificate verify locations: * CAfile: none CApath: /usr/ssl/certs * SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed * Expire cleared * Closing connection #0 * About to connect() to github.com port 443 (#0) * Trying 207.97.227.239... * successfully set certificate verify locations: * CAfile: none CApath: /usr/ssl/certs * SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed * Expire cleared * Closing connection #0 error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed while accessing https://github.com/username/ExcelANT.git/info/refs 

fatal: HTTP request failed

这是我的防火墙有问题吗,cygwin还是什么?

我没有在Git配置中设置HTTP代理,但是它是一个ISA服务器,需要NTLM身份验证,不是基本的,所以除非有人知道如何强制Git使用NTLM,否则我就完了。

当前回答

我知道最初的问题列出了Cygwin,但这是CentOS的解决方案:

curl http://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt

来源:http://eric.lubow.org/2011/security/fixing-centos-root-certificate-authority-issues/

2011-11-28 22:54:06

其他回答

设置SSL验证为false时在windows上克隆:

    git -c http.sslVerify=false clone http://example.com/e.git

如果你想克隆而不无聊你的全局设置。

2016-10-31 17:56:26

如果你只想在github.com上使用Cygwin git客户端,有一种更简单的方法,而不必经历下载、提取、转换和分割证书文件的麻烦。按以下步骤进行(我假设Windows XP与Cygwin和Firefox)

In Firefox, go to the github page (any) click on the github icon on the address bar to display the certificate Click through "more information" -> "display certificate" --> "details" and select each node in the hierarchy beginning with the uppermost one; for each of them click on "Export" and select the PEM format: GTECyberTrustGlobalRoot.pem DigiCertHighAssuranceEVRootCA.pem DigiCertHighAssuranceEVCA-1.pem github.com.pem Save the above files somewhere in your local drive, change the extension to .pem and move them to /usr/ssl/certs in your Cygwin installation (Windows: c:\cygwin\ssl\certs ) (optional) Run c_reshash from the bash.

就是这样。

当然,这只安装一个证书层次结构,你需要的github。当然,您可以将此方法用于任何其他站点,而不需要安装200个您(不一定)信任的站点。

2011-08-06 12:37:14

我在必须管理的协作开发平台上配置Git时遇到了同样的问题。

解决方法:

I've Updated the release of Curl installed on the server. Download the last version on the website Download page of curland follow the installation proceedings Installation proceedings of curl Get back the certificate of the authority which delivers the certificate for the server. Add this certificate to the CAcert file used by curl. On my server it is located in /etc/pki/tls/certs/ca-bundle.crt. Configure git to use this certificate file by editing the .gitconfig file and set the sslcainfo path. sslcainfo= /etc/pki/tls/certs/ca-bundle.crt On the client machine you must get the certificate and configure the .gitconfig file too.

我希望这对你们中的一些人有所帮助。

2013-04-29 09:36:56

在CentOS 5上。X,一个简单的yum update openssl更新了openssl包,更新了系统ca-bundle。CRT文件,帮我解决了这个问题。

其他发行版可能也是如此。

2012-11-06 17:12:43

我使用apt-cyg(一个类似于apt-get的伟大安装程序)来解决这个问题 轻松下载ca-certificates(包括Git等):

apt-cyg install ca-certificates

注意:apt-cyg需要先安装。你可以在Windows上这样做 命令行:

cd c:\cygwin
setup.exe -q -P wget,tar,qawk,bzip2,subversion,vim

关闭Windows cmd,打开Cygwin Bash:

wget rawgit.com/transcode-open/apt-cyg/master/apt-cyg
install apt-cyg /bin
2013-06-01 06:02:53

推荐文章

aliyun

最新文章

标签

2025 code 京ICP备15047053号-1