I would like to use a git repo that is accessigble through https, Https server has self signed certificate. I always get an error while trying to clone the repo with eclipse+egit:
https://host/path : cannot open git-upload-pack sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Is it possible to bypass this problem? I used export GIT_SSL_NO_VERIFY=1
command to skip ssl verification with the console client. This trick doesn't work with eclipse.
Thanks,
Hubi
You can also just set eGit to ignore server verification. In Eclipse go to Window -> Preferences.
From there go to Team -> Git -> Configuration
Click "New Entry"
Key: http.sslVerify Value: false
Click "OK"
Click "OK"
For a more detailed approach to this check out my blog post here: http://www.pur-logic.com/2012/04/21/egit-self-signed-certificate/
您必须将该证书导入密钥库(JDK目录中的默认密钥库cacerts或使用参数-Djavax.net.ssl.trustStore指定一个证书)。
The FAQ of CAcert provides the commandline for keytool:
keytool -keystore $/PATH/TO/CACERTS/KEYSTORE -storepass changeit -import -trustcacerts -v -alias cacertclass1 -file root.crt
-trustcacerts
to import a normal certificate. -alias
might also be unnecessary I had some trouble with this too, but with a different story. The hostname for the Git repo didn't match the cert's hostname. Solution was to change the cert to match the hostname.
We should use http.sslCAInfo
option for this use-case.
However, eclipse JGit development status for this option has been stuck for a very long time.
FYI
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.