Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How do I resolve error msg … SSL certificate problem: self signed certificate in certificate chain

John_Devron
John_Devron March 18, 2022

When I try to clone a repository using Sourcetree I get an error msg like this ...

Error: fatal: unable to access 'https://www.xyz.com:8443/scm/auvv/auv.git/':

SSL certificate problem: self signed certificate in certificate chain

Sourcetree error.png

I found the following command online but I’m not sure if it is applicable to the above error msg, or how to implement it …

git -c http.sslVerify=false clone <repository-name>

I tried pasting that into a DOS command line prompt without success.  Not sure how to open the BASH shell.   Instructions how to open the BASH could be useful.

Isn't there a way to use HTTPS only without SSH, or is that dependent on how the repository server is configured?

 

Answer
Watch
Like Be the first to like this
15612 views

1 answer

0 votes
Daniel Eads
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 18, 2022

Hi John, welcome to the Community!

It looks like you're connecting to the repository with HTTPS (no SSH involved), but the server is using a self-signed certificate.

Rather than disabling certificate validation entirely, I would recommend adding the self-signed certificate to the trust store on your machine. This is a little complicated on Windows. You'll first need to get a copy of the certificate, and there are a few options:

  • If the administrator is known, ask them for a copy of the public certificate in .pem format
  • You could use the openssl command to fetch it, e.g. 
    openssl s_client -connect www.xyz.com:8443/scm/
    and then save the lines starting with -----BEGIN CERTIFICATE----- and ending with -----END CERTIFICATE-----
  • Using Firefox, you could browse to the site and use the Export option in Options -> Advanced -> Certificates -> View Certificates -> Servers

Once you have the certificate in its own .pem file, use this command (in the same directory) to add it to git:

git config --global http.sslCAInfo saved-cert.pem

Restart Sourcetree, and it should no longer complain about that particular server.

Cheers,
Daniel  


(p.s. you did use the right command to disable certificate validation in git, you just need to add the --system or --global flag to get that to push through to Sourcetree)

View More Comments
John_Devron
John_Devron March 18, 2022

Thanks for the helpful advice Daniel.

 

I'm having difficulty tracking down the system administrator. So I'm trying your 2nd and 3rd suggestions.

How do I apply this command ?    openssl s_client -connect www.xyz.com:8443/scm/

I assume it would be through a BASH shell, but don't know how to get that started. Do you have a suggestion?

 

When you say "browse to the site and use the Export option" I assume you are referring to the Bitbucket server site. Is that correct? If so, then where are the menu "Options"?

 

Thank You!

John

Like
vinodh kumar subbareddy
vinodh kumar subbareddy September 4, 2023

Hey John_Devron,

Did you get this issue fixed. I got the same issue and I'm looking for fix. 

Please help if this issue got fixed for you

Thank You

Vinodh

Like
Reply

Suggest an answer

Log in or Sign up to answer
Sourcetree
Sourcetree
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security