How to skip SSL verification in LibGit2Sharp

天涯浪子 提交于 2019-12-11 11:29:06

问题


I recently started to use LibGit2Sharp and was able to start using this successfully. However, I am hitting one issue which I am unable to resolve related to SSL verification very similar to this one. For one of my scenario, I need to skip SSL verification.

I get the following exception when I try this scenario.

user cancelled certificate check:

I tried using the solution mentioned in the link above which is as follows.

RemoteCertificateValidationCallback certificateValidationCallback = (sender, certificate, chain, errors) => { return true; };
ServicePointManager.ServerCertificateValidationCallback = certificateValidationCallback;
GlobalSettings.RegisterSmartSubtransport<MockSmartSubtransport>("https");

I placed the above mentioned code before performing the git operation.

I see that the custom certificateValidationCallback is getting called. However, after that the git command fails with the following exception, "The remote server returned an error: (401) Unauthorized."

Any solution to this issue?


回答1:


For one of my scenario, I need to skip SSL verification.

Then use the http.sslVerify configuration setting. If that doesn't work, file an issue in LibGit2Sharp. But don't try to use your own subtransport.

This is not something that should be done without knowing exactly what you're doing. This is not for trivial little things like SSL certificates, this is for when you have your own complete, existing HTTP stack that you want to use and you simply can't use the one that's included in LibGit2Sharp.

If you're experimenting thinking that maybe using your own subtransport will solve a very simple problem then it won't. And pulling a test out and trying to make it actually work is likely to fail. Now you are responsible for everything like authentication and SSL handling.

Instead, turn off SSL verification with the http.sslVerify configuration setting.




回答2:


Skipping the TLS certificate check is not currently supported. libgit2 used to honour http.sslverify but that was replaced with a callback to give the caller knowledge about what they were connecting to. This callback allows the user to allow the connection to continue or to abort it. It is unfortunately not implemented at the moment in libgit2sharp.

And as Edward says, replacing the whole HTTP stack is not going to solve much, especially when it's a fake one named so.



来源:https://stackoverflow.com/questions/31165879/how-to-skip-ssl-verification-in-libgit2sharp

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!