eGit with Self-Signed Certificate | PUR Logic, LLC

eGit with Self-Signed Certificate

Apr 21, 2012 by Chad Cravens

eclipse

When deciding to host my git repository over https and a server using a self-signed certificate, I came across the issue of eGit (correctly) not trusting the self-signed certificate presented by my server. Eclipse gave me the following error:

https://server/git/java/monkeywrench.git: cannot open git-upload-pack
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

When attempting to clone the git repository, I filled in the following:

When clicking “Next”, I was faced with this error:

To fix this, I had to configure the eGit plugin to not validate the server source. To do this I went to Windows -> Preferences in the Eclipse toolbar. I then navigated to Team -> Git -> Configuration. I added the following new key/value pair setting by clicking “New Entry” in the “User Settings” tab and setting http.sslVerify=false, as follows:

After hitting “OK”, my configuration screen looked like the following:

Hitting ok allowed eGit to now connect to the untrusted server over an HTTPS connection!

Write a comment!

Comments

  • Giseldo Neo

    Thank Man, it’s work.

    August 4, 2012 at 7:34 pm Reply
  • puneet

    I followed all the steps above, but still it doesn’t work for me !

    October 31, 2012 at 5:31 am Reply
    • Chad Cravens

      Hmmm…. it should work, you may want to make sure that you’re environment variable is spelled properly. Also, make sure that you export your environment variable. Let me know if you have any more questions!

      November 6, 2012 at 2:30 am Reply
      • James Moger

        Even with http.sslVerify=false JGit still enforces hostname verification of the SSL certificate. So if the cert has been issued for http://www.mysite.com but your git url uses a different hostname which resolves to the same ip address, you will still get failures. Native Git disables hostname verification when http.sslVerify=false, so this is an implementation difference between Git and JGit that will hopefully be solved in an upcoming release.

        November 12, 2012 at 4:26 pm Reply
        • Chad Cravens

          That’s good info James, do you know if a bug report has been filed for that?

          December 11, 2012 at 3:47 pm Reply
      • madhulika

        I am doing the same thing but its not working for me. Could you please give some pointers as to what might be the problem. I have set sslverify as false and my git configuration looks exactly the same as yours in the snapshot above.

        December 10, 2012 at 6:04 am Reply
      • madhulika

        The exact problem that I am facing is :
        When I try to import remote git projects the error that I get is :
        ————————————
        cannot open git-upload pack
        Please check :
        Network connection settings
        Network connection -> SSH2 eclipse preferences
        —————————
        I am able to successfully importing the project through command line by executing the following :
        git clone https:///gitrepos/common.git

        December 10, 2012 at 6:14 am Reply
        • Chad Cravens

          You may want to look at James comment above… Is the hostname the certificate is issued for different than the hostname you are trying to access, but with the same IP address?

          December 11, 2012 at 3:48 pm Reply
Categories
Recent News
  • Apr 01, 2012Earn $99 Per Referral!

    Wow, we’ve been so busy getting so many people to get up and running on WordPress! We love helping people … Read More

  • Mar 29, 2012100 Websites, 300 Days

    PUR Logic is officially launching our “100 Websites in 300 days” campaign. It is our desire to build and host … Read More

  • Feb 25, 2012New Site!!!

    We are very excited to officially launch our new site! This new site provides the professional and clean view that … Read More

Our Tweets
Latest Comments
  • Well.. I see the same problem when the cn= and I use the same IP address in configuring the GIT repository. This is even after adding http.sslVerify=false. Is this excepted ? egit - http://download.eclipse.org/egit/updates-2.3 jgit - 2.3.1.201302201838

    on eGit with Self-Signed Certificate by kalyan
Event Calendar
April 2012
M T W T F S S
« Mar    
 1
2345678
9101112131415
16171819202122
23242526272829
30