If you get the following error:
fatal: unable to access <git>: SSL certificate problem: self signed certificate in certificate chain
..when trying to clone a git
repo, then you can quickly get around it by doing one of the following.
Note that both of these solutions are merely workarounds and should be done at absolute worst case.
Workaround Solution 1
Disable SSL verification while running the git clone.
git -c http.sslVerify=false clone <repository-name>
Workaround Solution 2
Disable SSL verification globally while running the git clone.
git config --global http.sslVerify false
Solution 3 (recommended)
This solution is recommended, but takes a lot more work.
Download the actual certificate/certificate chain from the Git server and install it locally by pointing your --system
configuration for http.sslCAPath
to it.
git config --system http.sslCAPath /path/to/cacerts
Some other related questions
How do you fix self-signed certificate in certificate chain?
If the certificate is self-signed, that means that you have the local cert file itself. You can then:
git config --system http.sslCAPath /your/self-signed/cacerts
How do I remove SSL certificate problem self-signed certificate in certificate chain?
You can follow the above solutions, or workarounds. Remember that it’s best to assign a valid cacerts files. If one doesn’t exist, you can always ignore ssl by passing the -c http.sslVerify=false
flag.
What does self-signed certificate in certificate chain mean?
Self-signed certificates are where you have created a certificate yourself to be able to take advantage of TLS/SSL encryption in flight. As you created it yourself, this means that it was not signed by a trusted certificate authority, so other users of the service that uses this self-signed certificate will get a warning saying that the connection is not trusted.
How can I make git accept a self-signed certificate?
You will need to follow one of the steps above, dependent on the one that most meets your needs.