I have my own git repository running under jetty-9. I want to know how can i set the git client certificate so my git server (jetty server) would be able to receive the certificate in servlet request and be able to get the git client certificate ad in order to do client authentication.
Following command i am trying to run,
git -c http.sslcainfo=D:\jetty\punws-sohanba.sigmasys.net.crt \
-c http.sslCert=D:\jetty\curl-ca-bundle.crt \
clone "https://punws-sohanba.sigmasys.net:8443/git.ctr-0.0.1-SNAPSHOT/dashboard-portal/.git"
Where "punws-sohanba.sigmasys.net.crt" is my server cert in order to git-client should accept the self signed certs.
curl-ca-bundle.crt is the git cert set in global config of git and also i am explicitly trying to set it via command line as well. (i am not sure i am doing it this right way). This curl-ca-bundle.crt file is also imported to my server.jks file as truststore.
On server i am not able to get the certificates when i do:
X509Certificate[] certs = (X509Certificate[])req.getAttribute(
"javax.servlet.request.X509Certificate");
System.out.println(
"cert name from git client =========>> " + certs[0].getSubjectDN().getName()
); //returns null-pointer here
I gives following error on commandline :
fatal: unable to access 'https://punws-sohanba.sigmasys.net:8443/git.ctr-0.0.1-SNAPSHOT/dashboard-portal/.git/': unable to set private key file: 'D:\jetty\curl-ca-bundle.crt' type PEM
Please suggest.
-c http.sslCert=D:\jetty\curl-ca-bundle.crtbit? From the output ofgit help config, it appears that thehttp.sslCertis for setting certs your Git client should use for itself, and not to verify its peers.https://punws-sohanba.sigmasys.net:8443/git.ctr-0.0.1-SNAPSHOT/dashboard-portal/.git/': Unknown SSL protocol error in connection to punws-sohanba.sigmasys.net:8443error