User Tools
web_services:hg_gateway
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
web_services:hg_gateway [2015/12/07 13:12] tschulz [Using Self Signed Certs] |
web_services:hg_gateway [2015/12/07 13:13] tschulz |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | ===== Mercurial Pushing to Server with Self Signed Certs ===== | ||
| + | * In recent versions of Mercurial SSL verification will fail for self signed SSL/HTTPS certs. There are two ways to fix the issue. | ||
| + | * In the past the cacerts or web.cacerts would work around this problem, but it no longer works | ||
| + | ==== Add the host fingerprint to hgrc ==== | ||
| + | - To find the host fingerprint run the following<file bash> openssl s_client -connect <FQDN>:443 < /dev/null 2>/dev/null | openssl x509 -fingerprint -noout -in /dev/stdin</file> | ||
| + | - You should get something like **SHA1 Fingerprint=9E:FD:0A:7B:C0:40:3D:A9:CF:BD:FE:DA:5E:D3:A8:EB:04:DB:2D:33** take the hexidecimal value and use it the next step | ||
| + | - Add the following to your hgrc file<file> | ||
| + | [hostfingerprints] | ||
| + | <FQDN from step 1> = <HEXVALUE from step 2> | ||
| + | </file> | ||
| + | ==== Disable SSL verification ==== | ||
| + | * It goes without saying the this is not a very good idea, but if all else fails this will get mercrial to talk to a self signed https server | ||
| + | - Add the following to your hgrc file:<file> | ||
| + | [alias] | ||
| + | push = push --insecure | ||
| + | </file> | ||
| + | |||
| ====== Hg Gateway ====== | ====== Hg Gateway ====== | ||
| * Install apache | * Install apache | ||
| Line 49: | Line 66: | ||
| </code> | </code> | ||
| - | ===== Using Self Signed Certs ===== | + | |
| - | * In recent versions of Mercurial SSL verification will fail for self signed SSL/HTTPS certs. There are two ways to fix the issue. | + | |
| - | * In the past the cacerts or web.cacerts would work around this problem, but it no longer works | + | |
| - | ==== Add the host fingerprint to hgrc ==== | + | |
| - | - To find the host fingerprint run the following<file bash> openssl s_client -connect <FQDN>:443 < /dev/null 2>/dev/null | openssl x509 -fingerprint -noout -in /dev/stdin</file> | + | |
| - | - You should get something like **SHA1 Fingerprint=9E:FD:0A:7B:C0:40:3D:A9:CF:BD:FE:DA:5E:D3:A8:EB:04:DB:2D:33** take the hexidecimal value and use it the next step | + | |
| - | - Add the following to your hgrc file<file> | + | |
| - | [hostfingerprints] | + | |
| - | <FQDN from step 1> = <HEXVALUE from step 2> | + | |
| - | </file> | + | |
| - | ==== Disable SSL verification ==== | + | |
| - | * It goes without saying the this is not a very good idea, but if all else fails this will get mercrial to talk to a self signed https server | + | |
| - | - Add the following to your hgrc file:<file> | + | |
| - | [alias] | + | |
| - | push = push --insecure | + | |
| - | </file> | + | |
web_services/hg_gateway.txt · Last modified: 2016/01/15 13:05 by tschulz
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
