Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Errro while pushibng : SSL certificate problem: certificate has expired

I am getting the 'SSL certificate problem: certificate has expired' while pushing the changes in git using sourcetree.

Please help

7 answers

For me, the problem was related to Sectigo expiring one of their root certificates.  This means that any client/program that uses the old root certificate when attempting to verify SSL certs will throw a "certificate not valid" error.

If this is what you are encountering, you can fix this by re-installing / upgrading git.  This will install the latest root certificates at the same time.

I found this worked on my local machine.

On a remote server that had the same issue, I had to upgrade git, and then re-install the ca-certificates on the server itself with:

sudo apt-get install --reinstall ca-certificates
sudo mkdir /usr/local/share/ca-certificates/cacert.org
sudo wget -P /usr/local/share/ca-certificates/cacert.org http://www.cacert.org/certs/root.crt http://www.cacert.org/certs/class3.crt
sudo update-ca-certificates
git config --global http.sslCAinfo /etc/ssl/certs/ca-certificates.crt

 

Then I still had problems and realized git was looking at the wrong path and had to correct it with the following:

git config --global http.sslCAinfo /etc/ssl/certs/ca-certificates.crt

More importantly, I realized that the actual root cause is the SSL certificate on my domain name that I am using for my Bitbucket Server.

The chain certificate had to be updated by removing the expired root certificate.

There is a good page with tools that can help you update your own certificates on your domains:

https://whatsmychaincert.com/

Like Dalectric likes this

Updating Git to a newer version installs a new CA chain certificate which is used by Git. That solves the issue.

This fixed it for one of my users that had an issue

This fixed for my users as well.

I am having this problem this morning as well.

Yes. I am having this problem. In bamboo also.

Same here, trying to push changes and msg "SSL certificate problem: certificate has expired" appears.

Has anyone found a fix?  The only thing that has changed on my server is there was an Ubuntu kernel update. 

I have just set the following variable "http.sslVerify" to false and it worked. Just remember to set change it back later.

For a single repo

git config http.sslVerify false

For all repo

git config --global http.sslVerify false

This is not a good long term solution because you are basically choosing to use no encryption when pushing/pulling your code from Bitbucket Server.  This means you are vulnerable to man-in-the-middle attacks.

All of this appears related to this: https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Bitbucket

New improvements to user management in Bitbucket Cloud 👥

Hey Community! We’re willing to wager that quite a few of you not only use Bitbucket, but administer it too. Our team is excited to share that we’ll be releasing improvements throughout this month of...

270 views 2 10
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you