From: Alex Vong <alexvong1995@gmail.com>
To: "Ludovic Courtès" <ludo@gnu.org>
Cc: help-guix@gnu.org
Subject: Re: git ca cert problems
Date: Wed, 13 Jul 2016 22:41:53 +0800 [thread overview]
Message-ID: <87poqhbnwu.fsf_-_@gmail.com> (raw)
In-Reply-To: <871t2zhtxm.fsf@gnu.org> ("Ludovic \=\?utf-8\?Q\?Court\=C3\=A8s\=22'\?\= \=\?utf-8\?Q\?s\?\= message of "Tue, 12 Jul 2016 15:23:01 +0200")
Hi,
I change the title to a better one.
ludo@gnu.org (Ludovic Courtès) writes:
> Hello,
>
> It works for me (on GuixSD, but that shouldn’t make a difference.)
>
> What does “wc -l $GIT_SSL_CAINFO” say?
>
The output I get without setting any environment variable is the
following:
alexvong1995@debian:~$ ltrace -f -e getenv bash -c 'git clone https://github.com/elm-lang/elm-compiler' 2>&1 |grep SSL
[pid 6906] sh->getenv("GIT_SSL_NO_VERIFY") = nil
[pid 6906] sh->getenv("GIT_SSL_CERT") = nil
[pid 6906] sh->getenv("GIT_SSL_KEY") = nil
[pid 6906] sh->getenv("GIT_SSL_CAPATH") = nil
[pid 6906] sh->getenv("GIT_SSL_CAINFO") = "/home/alexvong1995/.guix-profile"...
[pid 6906] sh->getenv("GIT_SSL_CERT_PASSWORD_PROTECTED") = nil
[pid 6906] sh->getenv("GIT_SSL_VERSION") = nil
[pid 6906] sh->getenv("GIT_SSL_CIPHER_LIST") = nil
fatal: unable to access 'https://github.com/elm-lang/elm-compiler/': Problem with the SSL CA cert (path? access rights?)
Printing the environemt variable GIT_SSL_NO_VERIFY gives:
alexvong1995@debian:~$ echo $GIT_SSL_CAINFO
/home/alexvong1995/.guix-profile/etc/ssl/certs/ca-certificates.crt:/home/alexvong1995/.guix-profile/etc/ssl/certs/ca-certificates.crt
Is the problem related to having more than one ca cert files?
> From a quick look, Git honors a bunch of additional environment
> variables in this area:
>
> $ ltrace -f -e getenv sh -c 'git clone https://github.com/elm-lang/elm-compiler' 2>&1 |grep SSL
> [pid 21398] sh->getenv("GIT_SSL_NO_VERIFY") = nil
> [pid 21398] sh->getenv("GIT_SSL_CERT") = nil
> [pid 21398] sh->getenv("GIT_SSL_KEY") = nil
> [pid 21398] sh->getenv("GIT_SSL_CAPATH") = nil
> [pid 21398] sh->getenv("GIT_SSL_CAINFO") = "/etc/ssl/certs/ca-certificates.c"...
> [pid 21398] sh->getenv("GIT_SSL_CERT_PASSWORD_PROTECTED") = nil
> [pid 21398] sh->getenv("GIT_SSL_VERSION") = nil
> [pid 21398] sh->getenv("GIT_SSL_CIPHER_LIST") = nil
>
> Could it be that one of these is shadowing GIT_SSL_CAINFO?
>
> There’s also ‘http.sslCAInfo’ and similar (see git-config(1)).
>
> HTH,
> Ludo’.
Thanks,
Alex
next prev parent reply other threads:[~2016-07-13 14:42 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-07 14:55 gccgo package does not include gccgo binary Alex Vong
2016-07-09 18:23 ` Leo Famulari
2016-07-09 22:09 ` Matthew Jordan
2016-07-10 15:29 ` Alex Vong
2016-07-10 17:16 ` Matthew Jordan
2016-07-12 1:20 ` Alex Vong
2016-07-12 9:38 ` Matthew Jordan
2016-07-12 11:05 ` Alex Vong
2016-07-12 12:35 ` Leo Famulari
2016-07-12 14:13 ` Alex Vong
2016-07-12 13:23 ` Ludovic Courtès
2016-07-13 14:41 ` Alex Vong [this message]
2016-07-13 21:11 ` git ca cert problems Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87poqhbnwu.fsf_-_@gmail.com \
--to=alexvong1995@gmail.com \
--cc=help-guix@gnu.org \
--cc=ludo@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).