SourceTree和Stash:无法获取本地发行者证书 [英] SourceTree and Stash: Unable to get local issuer certificate

查看:1118
本文介绍了SourceTree和Stash:无法获取本地发行者证书的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我们在Windows 2k8 r2服务器上安装了Atlassian Stash,大部分情况都很好。我们有本地本地CA颁发的SSL证书和设置的DNS条目,所以我们可以去 https:// stash / ,它的工作原理非常好,除了Firefox在哪里引发了一个警告(相关?)。

当使用Atlassian的SourceTree时,我们可以导航并选择一个存储库,但是当我们尝试克隆它时,会出现以下错误:


致命:无法访问 https://user@url/scm/etc/etc.git :SSL
证书问题:无法获取本地发行者证书

我尝试,如果从git bash以及。基于这个错误,我试过了按照说明将SSL证书作为也在其网站上发现,包括评论中的内容,但无济于事。我已经通过firefox和通过mmc证书管理单元导出了证书,获得了相同的结果并将其放入它自己的文件中,并结合curl文件,并且无论发生什么问题都会导致此错误。我还没有尝试让它使用SSH密钥,因为我希望让我的团队更容易。



我也尝试使用 ssh myserver 并接受连接,然后我输入密码并重新启动,仍然出现同样的错误。



我不想简单

我尝试了各种其他解决方案在SO上发现,但已经取得了零进展。我如何才能使用我们的CA颁发的证书工作?

解决方案

启示是我只使用服务器本身的证书。我对所有文章的理解是错误的,就像处理自签名证书一样,你只是告诉Git相信这个证书。这不是我们的情况。



相反,它是我们域中的根CA证书,我应该导出并告诉Git信任它。我发誓我在上周早些时候尝试过这一切开始时,但我的耻辱,我不能有。



让这是任何人谁发现自己的警告我的位置!

We have Atlassian Stash installed on a windows 2k8 r2 server, and for the most part everything is working nicely. We have a SSL certificate issued by our local on-premise CA and a DNS entry set up so we can go to https://stash/ and it works quite nicely except in Firefox where it throws a warning (related?).

When using Atlassian's SourceTree we can navigate and choose a repository, but when we try to clone it we get the following error:

fatal: unable to access https://user@url/scm/etc/etc.git: SSL certificate problem: unable to get local issuer certificate

I get the same error if I try if from the git bash as well. Based on this error, I've tried following the instructions on adding the SSL certificate to the Git as also found on their website, including what is in the comments, to no avail. I have exported the cert through firefox and through the mmc certificate snapin, gotten the same results and put it in it's own file, combined with the curl file, and no matter what keep getting this error. I have yet to try getting it to work with SSH keys yet since I was hoping to make this easier for my team.

I also tried using ssh myserver and accepting the connection, and I entered my password and restarted, still the same error.

I do not want to simply ignore certificate validation either, since that seems a bit pointless, then.

I have tried various other solutions found on SO, but have made zero headway. How can I get this working with our CA-issued cert?

解决方案

After working with a peer who had been out until today, the revelation is that I had been using ONLY the certificate for the server itself. My [faulty] understanding of all the articles was that, similar to handling self-signed certs, you just tell Git to trust this cert. This is not the case for us.

Instead, it is the Root CA Cert from our domain that I should have been exporting and telling Git to trust. I swear I tried that early last week when this all first started, but to my shame I must not have.

Let this be a warning for anyone else who find themselves in my position!

这篇关于SourceTree和Stash:无法获取本地发行者证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆