Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Sourcetree: how to accept a self-signed cert in Windows?

Mike Beebe
Mike Beebe October 13, 2014

Hello,

I'm moving my company's code repository from SVN to Git. I've set up Stash 3.3.1 behind a load balancer that's serving a self-signed cert. No matter what I do, I cannot get Sourcetree 1.6.5.0 on Windows to accept the cert. The failure I get is as follows:

"The underlying connection was closed: Could not establish trust relationship for SSL/TLS secure channel."

I've tried putting in GIT_SSL_NO_VERIFY as a system variable and inside the .gitconfig of GitBash:  no luck on either. I've tried checking the Disable SSL certificate validation under Tools --> Options. No luck there, either. Also, I do not encounter this problem if I go to a straight to http: it's only happening with https connections.

I've also tried following the exceptionally unclear instructions here: https://confluence.atlassian.com/display/SOURCETREEKB/Resolving+SSL+Self-Signed+Certificate+Errors#ResolvingSSLSelf-SignedCertificateErrors-Windows

Someone has to have figured out how to do this, but both Google and Atlassian Answers have come up shy for me, or I'm overlooking the answer.

Any help would be appreciated.

Thank you,

-- Mike Beebe

 

 

Answer
Watch
Like # people like this
26167 views

5 answers

3 votes
chadclan
chadclan March 21, 2016

This was driving me nuts, but I finally found a setting to disable cert checks to allow a self signed cert in the SourceTree.exe.config file

<applicationSettings>
    <SourceTree.Properties.Settings>
        <setting name="SourceTreeHomeWebSite" serializeAs="String">
            <value>https://www.sourcetreeapp.com/</value>
        </setting>
        <setting name="ReleaseNotesRelativeUrl" serializeAs="String">
            <value>update/WindowsReleaseNotes.html</value>
        </setting>

************* Set the value to true :)
        <setting name="AllowUncertifiedSSLRequests" serializeAs="String">
            <value>True</value>
        </setting>
*************
        <setting name="IsPortable" serializeAs="String">
            <value>False</value>
        </setting>
    </SourceTree.Properties.Settings>
</applicationSettings>
View More Comments
Patrick Permien
Patrick Permien December 12, 2017

You may also use the settings menu:

2017-12-12 18_02_47-Sourcetree.png

Like # people like this
Rohan Ghorpade
Rohan Ghorpade February 26, 2018

Thanks. This worked for me

Like
sankar sankar
sankar sankar May 7, 2018

excellent ..thanks it is works for me ..

Like
avislash
avislash May 21, 2019

This is probably the best/easiest answer

Like
Leslie.Polss
Leslie.Polss August 7, 2019

Thank you for this!

Like
Baljinder Sandhu
Baljinder Sandhu July 28, 2020

Thanks for sharing, worked for me. 

Like
Reply
2 votes
SerSol Netops
SerSol Netops October 13, 2014

After MUCH struggling, my team finally arrived at the answer:

This answer assumes you are using a stand-alone (non-domain) Windows 7 computer and are trying to use Sourcetree with Stash on a HTTPS address and are receiving the SSL/TLS error.

You need the following:

  • The cert for the server Stash resides on in X.509 or pfx/p12 format. There are numerous websites that will show you how to convert a cert to p12 format. Our experience was that the easiest route was to go from PEM to P12; your milage may vary.
  • The CA cert for the domain the server resides on, also in X.509 or pfx/p12 format.

Copy both certs to the local Windows 7 box.

Double-click on the SERVER cert. Follow the instructions and have the wizard place the cert in the where ever it wants.

Next:

Follow the instructions for importing the DOMAIN CA CERT here: http://technet.microsoft.com/en-us/library/cc754841.aspx?ppud=4 ; you want "Adding certificates to the Trusted Root Certification Authorities store for a local computer" (third topic down). Make sure you select your DOMAIN CA CERT when importing.

From there, you should be able to access Stash via Sourcetree. Or at least we were.

Reply
0 votes
Stefan Mueller
Stefan Mueller August 11, 2020

where you able to resolve it following Resolving SSL Self-Signed Certificate Errors?

Reply
0 votes
Patrick Swartz
Patrick Swartz December 28, 2015

Hello, is there no other way to use a Bitbucket self-signed cert with Sourcetree than to get an 'official' AD domain cert?  We are evaluating both Bitbucket and Sourcetree and it seems a bit excessive to not provide some way to accept the self-signed cert during an eval.

Thanks

Reply
0 votes
Grunde Waag3
Grunde Waag September 3, 2015

Great!

This worked for me.

Reply

Suggest an answer

Log in or Sign up to answer
Sourcetree
Sourcetree
TAGS
AUG Leaders

Atlassian Community Events

    See all events