发表新帖
发表新帖

github: server certificate verification failed

后端 未结
关注
7 919
予麋鹿
予麋鹿 2020-12-04 14:26

I just created a github account and a repository therein, but when trying to create a local working copy using the recommende url via

git clone https://githu
相关标签:
7条回答
  • 灰色年华
    2020-12-04 14:47

    Make sure first that you have certificates installed on your Debian in /etc/ssl/certs.

    If not, reinstall them:

    sudo apt-get install --reinstall ca-certificates

    Since that package does not include root certificates, add:

    sudo mkdir /usr/local/share/ca-certificates/cacert.org
sudo wget -P /usr/local/share/ca-certificates/cacert.org http://www.cacert.org/certs/root.crt http://www.cacert.org/certs/class3.crt
sudo update-ca-certificates

    Make sure your git does reference those CA:

    git config --global http.sslCAinfo /etc/ssl/certs/ca-certificates.crt

    Jason C mentions another potential cause (in the comments):

    It was the clock. The NTP server was down, the system clock wasn't set properly, I didn't notice or think to check initially, and the incorrect time was causing verification to fail.

    Certificates are time sensitive.

    0 讨论(0)
  • 北恋
    2020-12-04 14:49

    It can be also self-signed certificate, etc. Turning off SSL verification globally is unsafe. You can install the certificate so it will be visible for the system, but the certificate should be perfectly correct.

    Or you can clone with one time configuration parameter, so the command will be:

    git clone -c http.sslverify=false https://myserver/<user>/<project>.git;

    GIT will remember the false value, you can check it in the <project>/.git/config file.

    0 讨论(0)
  • 囚心锁ツ
    2020-12-04 14:53

    I also was having this error when trying to clone a repository from Github on a Windows Subsystem from Linux console:

    fatal: unable to access 'http://github.com/docker/getting-started.git/': server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none

    The solution from @VonC on this thread didn't work for me.

    The solution from this Fabian Lee's article solved it for me:

    openssl s_client -showcerts -servername github.com -connect github.com:443 </dev/null 2>/dev/null | sed -n -e '/BEGIN\ CERTIFICATE/,/END\ CERTIFICATE/ p'  > github-com.pem
cat github-com.pem | sudo tee -a /etc/ssl/certs/ca-certificates.crt
    0 讨论(0)
  • 醉话见心
    2020-12-04 14:55

    To me a simple

    sudo apt-get update

    solved the issue. It was a clock issue and with this command it resets to the current date/time and everything worked

    0 讨论(0)
  • 深忆病人
    2020-12-04 14:58

    Another possible cause is that the clock of your machine is not synced (e.g. on Raspberry Pi). Check the current date/time using:

    $ date

    If the date and/or time is incorrect, try to update using:

    $ sudo ntpdate -u time.nist.gov
    0 讨论(0)
  • 不知归路
    2020-12-04 15:06

    You can also disable SSL verification, (if the project does not require a high level of security other than login/password) by typing :

    git config --global http.sslverify false

    enjoy git :)

    0 讨论(0)
 看不清?
提交回复
热议问题