如何让 git 接受自签名证书? [英] How can I make git accept a self signed certificate?

问题描述

使用 Git，有没有办法让它接受自签名证书?

Using Git, is there a way to tell it to accept a self signed certificate?

我使用 https 服务器来托管 git 服务器，但现在证书是自签名的.

I am using an https server to host a git server but for now the certificate is self signed.

当我第一次尝试在那里创建存储库时:

When I try to create the repo there for the first time:

git push origin master -f

我收到错误:

error: Cannot access URL     
https://the server/git.aspx/PocketReferences/, return code 22

fatal: git-http-push failed

推荐答案

永久接受特定证书

尝试 http.sslCAPath 或 http.sslCAInfo.Adam Spiers 的回答 给出了一些很好的例子.这是最安全的解决方案.

To permanently accept a specific certificate

Try http.sslCAPath or http.sslCAInfo. Adam Spiers's answer gives some great examples. This is the most secure solution to the question.

尝试使用适当的配置变量将 -c 传递给 git，或使用 Flow 的回答:

try passing -c to git with the proper config variable, or use Flow's answer:

git -c http.sslVerify=false clone https://example.com/path/to/git

禁用特定存储库的 SSL 验证

可以全局停用 ssl 验证.强烈建议不要这样做，但为了完整性而提及:

To disable SSL verification for a specific repository

It is possible to globally deactivate ssl verification. It is highly recommended to NOT do this but it is mentioned for completeness:

git config --global http.sslVerify false # Do NOT do this!

---

git 中有很多 SSL 配置选项.来自 git config 的手册页:

---

There are quite a few SSL configuration options in git. From the man page of git config:

http.sslVerify
    Whether to verify the SSL certificate when fetching or pushing over HTTPS.
    Can be overridden by the GIT_SSL_NO_VERIFY environment variable.

http.sslCAInfo
    File containing the certificates to verify the peer with when fetching or pushing
    over HTTPS. Can be overridden by the GIT_SSL_CAINFO environment variable.

http.sslCAPath
    Path containing files with the CA certificates to verify the peer with when
    fetching or pushing over HTTPS.
    Can be overridden by the GIT_SSL_CAPATH environment variable.

其他一些有用的 SSL 配置选项:

A few other useful SSL configuration options:

http.sslCert
    File containing the SSL certificate when fetching or pushing over HTTPS.
    Can be overridden by the GIT_SSL_CERT environment variable.

http.sslKey
    File containing the SSL private key when fetching or pushing over HTTPS.
    Can be overridden by the GIT_SSL_KEY environment variable.

http.sslCertPasswordProtected
    Enable git's password prompt for the SSL certificate. Otherwise OpenSSL will
    prompt the user, possibly many times, if the certificate or private key is encrypted.
    Can be overridden by the GIT_SSL_CERT_PASSWORD_PROTECTED environment variable.

这篇关于如何让 git 接受自签名证书?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！