I tried to push to my private repo on Bitbucket for the first time in several weeks today, and get the following error:
abort: error: _ssl.c:480: error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm
The last that I pushed anything to one of my repos was at the end of April, and had not seen this error then.
This link indicated that it could be because of an old openssl version. I tried to install the more recent version of openssl suggested there, but that did not work either.
What changed within the past 4-5 weeks that might cause this error to occur? What do I need to do to fix? For now I can workaround by doing
hg push --insecure <repo_name>
I'm on Ubuntu 10.04 64-bit.
We changed the signature algorithm on our primary SSL certificate on 8 May: Bitbucket’s SSL certificate is changing for SHA-2
The link you posted does look like a good explanation; the newer certificate uses SHA256 for message digest, but some older OpenSSL versions may not support that algorithm. What version of OpenSSL are you running? Is SHA256 listed when you run this?
openssl dgst --help
I installed openssl-0.9.8o as suggested in that link; because I am stuck on such an old distribution, I was trying to stick with the oldest openssl version that would still work (so I wouldn't run into dependency problems).
$ openssl version OpenSSL 0.9.8o 01 Jun 2010 $ openssl dgst --help unknown option '--help' options are -c to output the digest with separating colons -d to output debug info . . . -sha256 to use the sha256 message digest algorithm . . .
So SHA256 is indeed listed; however, --help is not recognized as an option. So I guess my new openssl is an older version but still sufficient?
[Update] I just tried adding the hostfingerprints section to my ~/.hgrc, and this seems to have worked. I can now push as usual. (Oddly, I did not get the "unexpected fingerprint" message before, which would have alerted me to update the fingerprint.)
Thanks for your help!
We’ve been building a plugin to integrate Bitbucket Server and Jenkins CI, and I’m excited to announce that our alpha is ready to download and install. It lets you seamlessly configure a Jenkins job ...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events