Cannot pull/push to https server with self-signed certificate

Mads Kiilerich mads at
Fri Jan 7 11:45:18 CST 2011

On 01/07/2011 03:43 AM, Brian Sullivan wrote:
> Mads,
> Thanks for the response!
> After reading your message, I performed the steps exactly as described
> on the Mercurial wiki page you linked to.  I navigated to our repo site
> in Firefox and exported the certificate at the root of the hierarchy
> (there was actually only one in the tree).  Once exported, I got the
> hash on my Mac using openssl and copied that into the cacert.pem file on
> my Windows VM.  This still results in the same error when trying to
> perform a remote operation.

Can you show us (or me) the certificates you exported? And also the full 
chain of the web server certificate as exported by Firefox?

(Btw: The certificate is not (just) a hash but the wrapped 
base64-encoded DER-encoded X.509 ASN.1 structure which primarily 
contains a public RSA key.)


More information about the Mercurial mailing list