SourceTree and Stash: Unable to get local issuer certificate

Question

We have Atlassian Stash installed on a Windows 2008R2 server, and for the most part everything is working nicely. We have an SSL certificate issued by our local on-premise CA an

Answer 1

I just disabled SSL certificate checks (which is fine for internal repos):

Tools > Options > Git > Disable SSL certificate validation (ticked)

Answer 2

After working with a peer who had been out until today, the revelation is that I had been using ONLY the certificate for the server itself. My [faulty] understanding of all the articles was that, similar to handling self-signed certs, you just tell Git to trust this cert. This is not the case for us.

Instead, it is the Root CA Cert from our domain that I should have been exporting and telling Git to trust. I swear I tried that early last week when this all first started, but to my shame I must not have.

Let this be a warning for anyone else who find themselves in my position!

Answer 3

You'll need to use the full chain certificate for your service which means not only your certificate but the intermidate and root ca in the cert file