After upgrading to macOS 10.12 Sierra I'm unable to sync with my encrypted SSL git server. The certificate still works fine while accessing the server through Safari.
I get this message when trying to push to the server:
fatal: unable to access 'https://....': SSL: Can't find the certificate "...." and its private key in the Keychain.
The certificate is there in the keychain, and the name is correct (it worked before the update), but somehow I can't access it.
My ~/.gitconfig file still consists of this:
[http "https://...."]
sslCert = ....
[credential]
helper = osxkeychain
Have anyone else bumped into this problem so far?
It looks like the git-credential-osxkeychain helper application is broken on macOS sierra and will not retrieve any more a user certificate that is returned with security find-identities
The only workaround I found is to
edit .git/config for the affected account to use
[http] sslCert = /Users/foo/certificates/my_certificate.p12 sslcertpasswordprotected = true
Note: You'll need a password on the P12 and have to enter the password for the p12 every time you do a git command.
PS: RADAR://28461462
If you want to use a crt and keyfile
[http]
sslVerify = false
sslCert = my.crt
sslKey = my.key
you need to install curl and git with openssl support
brew install openssl
brew install curl --with-openssl
brew install git --with-brewed-openssl --with-brewed-curl
That's worked for me as expected
简单的ssh-add帮助了我;)
ssh-add ~/.ssh/id_rsa
First you have to uninstall
brew uninstall openssl
brew uninstall curl
brew uninstall git
after installing as @trollr mentioned
brew install openssl
brew install curl --with-openssl
brew install git --with-brewed-openssl --with-brewed-curl
, you also have to ensure that the right git version (there are MAAAAAANY available, see
find / -name git
)
Homebrew tells you where it puts the new brewed git version, for example
/usr/local/Cellar/git/2.10.2/bin/git
check your version with which git
or just call the absolute path to ensure using the right version, like
/usr/local/Cellar/git/2.10.2/bin/git clone .......
This is what worked for me
git -c http.sslCert=/Users/user/Documents/gittest/cert.p12 -c http.sslcertpasswordprotected=true clone https://gitlab.domain.com/user/repository.git
you can add more verbose debuggin by adding
GIT_CURL_VERBOSE=1 GIT_TRACE=2 GIT_TRACE_PACKET=2
in front of the command.
The certificates are in the keychain and are marked trusted. Also the CA certificate is present.
The same issue with "Can't find the certificate.." error message has been solved for me after changing the certificate name to a string containing no other characters than Latin letters. Ie renaming "my_cert.p12" to "mysert.p12" has really helped to get rid of this error.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.