The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 4,152 other subscribers

Archive for May 28th, 2015

Enabling GIT_CURL_VERBOSE to research “unable to get local issuer certificate”

Posted by jpluimers on 2015/05/28

A while ago, I was fighting a corporate web proxy playing Man-in-the-Middle on all https sessions.

Though playing MitM on your employees is a debatable thing to do (especially without informing the employees, and illegal in certain countries, I had to get a GIT connection to the outside world working.

This helped tracking it down: GIT_CURL_VERBOSE “unable to get local issuer certificate”.

What I finally did was this:

  1. obtain the CA certificate that issues the MitM certificate in base-64 CRT form (which is the same as the PEM form):
  2. added it at the top of either of these files:
    • "%ProgramFiles%\Git\bin\curl-ca-bundle.crt"
    • "%ProgramFiles(x86)%\Git\bin\curl-ca-bundle.crt"
  3. added it to the top of either of these files:
    • "%ProgramFiles%\Mercurial\cacert.pem"
    • "%ProgramFiles(x86)%\Mercurial\cacert.pem"

–jeroen

PS: These were the failures I was getting:

Read the rest of this entry »

Posted in *nix, cURL, Development, DVCS - Distributed Version Control, git, PKI, Power User, Security, Source Code Management | Leave a Comment »

 
%d bloggers like this: