RE: Problems with Windows + schannel + http.sslCert

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Johannes,

> However, contrary to what `git -c http.sslBackend=list ls-remote <url>` says on Windows, `git -c http.sslBackend=openssl ls-remote <url>` should work, too.

Thanks for the tip! Although I haven't made any further attempts to try and force openssl, I was able to get client auth to work with Git for Windows by ensuring the client cert and root cert are present in the Windows certificate store and then setting "http.sslCert" to "CurrentUser\\MY\\{certificate thumbprint}}". This gets everything to fall into place and I suspect that it is the "correct" way, for better or worse, to make it work on Windows.

One thing that tripped me up was that my root CA was using ed25519 for signatures, and my installation of Windows did not seem to like that one bit. Switching to ECDSA seemed to fix it. I suppose that's another rabbit hole I need to jump into, but it has nothing to do with Git :)

Regards,
-- Ragesh.





[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux