Cannot pull/push to https server with self-signed certificate
mads at kiilerich.com
Fri Jan 7 11:45:18 CST 2011
On 01/07/2011 03:43 AM, Brian Sullivan wrote:
> Thanks for the response!
> After reading your message, I performed the steps exactly as described
> on the Mercurial wiki page you linked to. I navigated to our repo site
> in Firefox and exported the certificate at the root of the hierarchy
> (there was actually only one in the tree). Once exported, I got the
> hash on my Mac using openssl and copied that into the cacert.pem file on
> my Windows VM. This still results in the same error when trying to
> perform a remote operation.
Can you show us (or me) the certificates you exported? And also the full
chain of the web server certificate as exported by Firefox?
(Btw: The certificate is not (just) a hash but the wrapped
base64-encoded DER-encoded X.509 ASN.1 structure which primarily
contains a public RSA key.)
More information about the Mercurial