Unable to clone Git repository due to self signed certificate

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Symptoms

Git server is using self signed certificate and Fisheye/Crucible is unable to clone a Git repository.

The following appears in the atlassian-fisheye-<date>.log:

1 2 3 2013-07-02 18:15:48,400 WARN [InitialPinger2 ] fisheye IndexingPingRequest-doRequest - Exception during FishEye Incremental Indexing of Gitrepo: com.cenqua.fisheye.config.ConfigException: Unable to clone remote repository: https://fisheyeuser@git.server:8443/scm/test/gitrepo.git - [fatal: unable to access 'https://fisheyeuser:XXXX@git.server:8443/scm/test/gitrepo.git/': SSL certificate problem: self signed certificate in certificate chain] - Cloning into bare repository 'clone'...

Cause

Git client in Fisheye/Crucible server performs verification on the SSL certificate and stops the process if it is unknown.

Workaround

#1 Disable SSL verification while running the git clone

1 git -c http.sslVerify=false clone <repository-name>

ℹ️ This is safer once it only disables SSL for this particular command execution.

#2 Disable Git SSL verification in the server hosting Fisheye/Crucible with the following commands:

1 git config --global http.sslVerify false

⚠️ Please be advised disabling SSL verification globally might be considered a security risk and should be implemented only temporary.

Resolution

  1. Import the Git server self signed certificate into Fisheye/Crucible server according to Unable to connect to SSL services due to "PKIX Path Building Failed" error

  2. Configure the Git client in Fisheye/Crucible server to refer to the cacerts that have the imported certificate:

    1 git config --system http.sslCAPath /path/to/cacerts

  3. Restart Fisheye/Crucible server

Updated on April 8, 2025
Platform
Data Center only
Product
Fisheye Data Center
On this pageSymptomsCauseWorkaroundResolution

Still need help?

The Atlassian Community is here for you.
Ask the Community