SourceTree and Stash: Unable to get local issuer certificate

We have Atlassian Stash installed on a windows 2k8 r2 server, and for the most part everything is working nicely. We have a SSL certificate issued by our local on-premise CA and a DNS entry set up so we can go to https://stash/ and it works quite nicely except in Firefox where it throws a warning (related?).

When using Atlassian’s SourceTree we can navigate and choose a repository, but when we try to clone it we get the following error:

  • Migrating Git hosts
  • This pull request cannot be merged. You will need to resolve conflicts to be able to merge
  • Creating atlassian stash repo using rest and powershell
  • Removing/undoing a merge on Sourcetree
  • Migrate single repository from one Atlassian stash server to another server and maintain all data
  • Why was there an Atlassian icon in my shell when I pushed a commit?
  • fatal: unable to access https://user@url/scm/etc/etc.git: SSL
    certificate problem: unable to get local issuer certificate

    I get the same error if I try if from the git bash as well. Based on this error, I’ve tried following the instructions on adding the SSL certificate to the Git as also found on their website, including what is in the comments, to no avail. I have exported the cert through firefox and through the mmc certificate snapin, gotten the same results and put it in it’s own file, combined with the curl file, and no matter what keep getting this error. I have yet to try getting it to work with SSH keys yet since I was hoping to make this easier for my team.

    I also tried using ssh myserver and accepting the connection, and I entered my password and restarted, still the same error.

    I do not want to simply ignore certificate validation either, since that seems a bit pointless, then.

    I have tried various other solutions found on SO, but have made zero headway. How can I get this working with our CA-issued cert?

  • automatically rejecting a commit based on certain criteria
  • What does it mean when it says a git step is “1 ahead”
  • source tree marks all file as modified
  • Can't connect to git repo on El Capitan with SourceTree
  • Reverting push to remote with sourcetree
  • Force SourceTree ignore line endings in git files
  • 2 Solutions collect form web for “SourceTree and Stash: Unable to get local issuer certificate”

    I just disabled SSL certificate checks (which is fine for internal repos):

    Tools > Options > Git > Disable SSL certificate validation (ticked)

    After working with a peer who had been out until today, the revelation is that I had been using ONLY the certificate for the server itself. My [faulty] understanding of all the articles was that, similar to handling self-signed certs, you just tell Git to trust this cert. This is not the case for us.

    Instead, it is the Root CA Cert from our domain that I should have been exporting and telling Git to trust. I swear I tried that early last week when this all first started, but to my shame I must not have.

    Let this be a warning for anyone else who find themselves in my position!

    Git Baby is a git and github fan, let's start git clone.