DEV Community

Frederick Ollinger
Frederick Ollinger

Posted on

2 1

Using a Self-Signed Certificate with Git Clone Https

Ever have a problem when you need to clone from a git repo with https, and it fails because you have a self signed certificate?

Every other post tells you to "turn off security".

Don't do that.

First download the certificate with this script:

#!/bin/env bash

# User Variables
API_HOST=example.gitlab.com # could be an ip address
PORT=443
CRT=secret.crt

BEGIN="-----BEGIN CERTIFICATE-----"
END="-----END CERTIFICATE-----"

echo $BEGIN > $CRT
echo quit | openssl s_client -showcerts -servername "${API_HOST}" -connect "${API_HOST}":${PORT} | sed "/$BEGIN/,/$END/!d;//d" >> $CRT
echo $END >> $CRT
Enter fullscreen mode Exit fullscreen mode

Use the script to download your certificate:

cd
./download-certificate.sh
Enter fullscreen mode Exit fullscreen mode

Now tell git where your certificate is:

git config --global http.sslCAInfo ~/secret.crt
Enter fullscreen mode Exit fullscreen mode

Done.

Now you should be able to use git clone with your https server without issues.

Top comments (0)

Image of Timescale

Timescale – the developer's data platform for modern apps, built on PostgreSQL

Timescale Cloud is PostgreSQL optimized for speed, scale, and performance. Over 3 million IoT, AI, crypto, and dev tool apps are powered by Timescale. Try it free today! No credit card required.

Try free

👋 Kindness is contagious

Engage with a sea of insights in this enlightening article, highly esteemed within the encouraging DEV Community. Programmers of every skill level are invited to participate and enrich our shared knowledge.

A simple "thank you" can uplift someone's spirits. Express your appreciation in the comments section!

On DEV, sharing knowledge smooths our journey and strengthens our community bonds. Found this useful? A brief thank you to the author can mean a lot.

Okay