DEV Community

Frederick Ollinger
Frederick Ollinger

Posted on

3 1

Using a Self-Signed Certificate with Git Clone Https

Ever have a problem when you need to clone from a git repo with https, and it fails because you have a self signed certificate?

Every other post tells you to "turn off security".

Don't do that.

First download the certificate with this script:

#!/bin/env bash

# User Variables
API_HOST=example.gitlab.com # could be an ip address
PORT=443
CRT=secret.crt

BEGIN="-----BEGIN CERTIFICATE-----"
END="-----END CERTIFICATE-----"

echo $BEGIN > $CRT
echo quit | openssl s_client -showcerts -servername "${API_HOST}" -connect "${API_HOST}":${PORT} | sed "/$BEGIN/,/$END/!d;//d" >> $CRT
echo $END >> $CRT
Enter fullscreen mode Exit fullscreen mode

Use the script to download your certificate:

cd
./download-certificate.sh
Enter fullscreen mode Exit fullscreen mode

Now tell git where your certificate is:

git config --global http.sslCAInfo ~/secret.crt
Enter fullscreen mode Exit fullscreen mode

Done.

Now you should be able to use git clone with your https server without issues.

Top comments (0)

AWS Security LIVE!

Tune in for AWS Security LIVE!

Join AWS Security LIVE! for expert insights and actionable tips to protect your organization and keep security teams prepared.

Learn More

👋 Kindness is contagious

Engage with a sea of insights in this enlightening article, highly esteemed within the encouraging DEV Community. Programmers of every skill level are invited to participate and enrich our shared knowledge.

A simple "thank you" can uplift someone's spirits. Express your appreciation in the comments section!

On DEV, sharing knowledge smooths our journey and strengthens our community bonds. Found this useful? A brief thank you to the author can mean a lot.

Okay