Bobcares
Client Area
Emergency Support
Latest | Server Management

SSL Certificate problem: unable to get local issuer

by | Dec 15, 2021

Wondering how to resolve SSL Certificate problem: unable to get local issuer? We can help you.

As part of our Server Management Services, we assist our customers with similar queries.

Today, let us see how our Support techs assist with this process.

How to resolve SSL Certificate problem: unable to get local issuer?

Typically, the following is seen on the command line when pushing or pulling:

SSL Certificate problem: unable to get local issuer

This error occurs when a self-signed certificate cannot verify.

Tell git to not perform the validation of the certificate using the global option:

git config –global http.sslBackend schannel

or

git config –global http.sslVerify false

(warning) Please note disabling SSL verification globally might consider a security risk and should implement only temporarily

Today, let us see the steps followed by our Support Techs to resolve it.

Client Side

There are several ways to resolve this issue.

Below we suggest possible solutions that should run on the client side:

1. Firstly, ensure the root cert is added to git.exe’s certificate store

2. Then, tell Git where to find the CA bundle, either by running:

git config --system http.sslCAPath /absolute/path/to/git/certificates

where /absolute/path/to/git/certificates is the path to where you place the file that contains the CA certificate(s).

or by copying the CA bundle to the /bin directory and adding the following to the gitconfig file:

sslCAinfo = /bin/curl-ca-bundle.crt

3. Next, reinstall Git.

4. Ensure that the complete certificate chain is present in the CA bundle file, including the root cert.

Server Side

This issue can also happen on configurations where Bitbucket Server is secure with an SSL-terminating connector rather than a proxy

1. Firstly, ensure that the Java KeyStore has the entire certificate chain (Intermediate CA and Root CA)

View the Certificate Chain Details inside the KeyStore using a tool like the KeyStore Explorer to check

[Stuck in between? We’d be glad to assist you]

Conclusion

In short, today we saw steps followed by our Support Techs to resolve SSL Certificate problem.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

Related posts:

  1. Certbot remove domain from certificate – Easy way to do this
  2. How to Enable SSL on DNN Website?
  3. How to fix let’s encrypt new auth status 429 error?
  4. Unable to open file /etc/dovecot/ssl/dovecot.crt

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Related Articles

  1. Certbot remove domain from certificate – Easy way to do this
  2. How to Enable SSL on DNN Website?
  3. How to fix let’s encrypt new auth status 429 error?
  4. Unable to open file /etc/dovecot/ssl/dovecot.crt

Never again lose customers to poor
server speed! Let us help you.

GET STARTED