This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
web_services:hg_gateway [2015/12/07 13:08] tschulz [Add the host fingerprint to hgrc] |
web_services:hg_gateway [2015/12/07 13:13] tschulz [Using Self Signed Certs] |
||
---|---|---|---|
Line 49: | Line 49: | ||
</code> | </code> | ||
- | ===== Using Self Signed Certs ===== | + | ===== Mercurial Pushing to Server with Self Signed Certs ===== |
* In recent versions of Mercurial SSL verification will fail for self signed SSL/HTTPS certs. There are two ways to fix the issue. | * In recent versions of Mercurial SSL verification will fail for self signed SSL/HTTPS certs. There are two ways to fix the issue. | ||
+ | * In the past the cacerts or web.cacerts would work around this problem, but it no longer works | ||
==== Add the host fingerprint to hgrc ==== | ==== Add the host fingerprint to hgrc ==== | ||
- To find the host fingerprint run the following<file bash> openssl s_client -connect <FQDN>:443 < /dev/null 2>/dev/null | openssl x509 -fingerprint -noout -in /dev/stdin</file> | - To find the host fingerprint run the following<file bash> openssl s_client -connect <FQDN>:443 < /dev/null 2>/dev/null | openssl x509 -fingerprint -noout -in /dev/stdin</file> | ||
Line 57: | Line 58: | ||
[hostfingerprints] | [hostfingerprints] | ||
<FQDN from step 1> = <HEXVALUE from step 2> | <FQDN from step 1> = <HEXVALUE from step 2> | ||
+ | </file> | ||
+ | ==== Disable SSL verification ==== | ||
+ | * It goes without saying the this is not a very good idea, but if all else fails this will get mercrial to talk to a self signed https server | ||
+ | - Add the following to your hgrc file:<file> | ||
+ | [alias] | ||
+ | push = push --insecure | ||
</file> | </file> |