问题描述

当前，我在用户目录的.gitconfig中有以下条目.

Currently I have the following entry in my .gitconfig in my user directory.

...
[http]
    sslCAInfo=C:\\Users\\julian.lettner\\.ssh\\git-test.pem
...

这将设置与git服务器交互时使用的证书(我公司的git服务器必需).

This sets the certificate to use when interacting with the git server (required by my company's git server).

但是现在我无法克隆其他存储库(例如GitHub上的公共存储库)，因为客户端始终使用配置的证书，该证书会被其他服务器拒绝.

But now I cannot clone other repositories (for example a public repository on GitHub), because the client always uses the configured certificate which gets rejected by other servers.

我该如何规避此认证问题?我可以将Git配置为使用Windows证书存储进行身份验证吗?

How can I circumvent this certification issue? Can I configure Git to use the Windows Certificate Store to authenticate?

推荐答案

从Windows 2.14的Git开始，您现在可以将Git配置为使用内置Windows网络层SChannel.这意味着它将使用Windows证书存储机制，而您不需要显式配置curl CA存储机制.

Beginning with Git for Windows 2.14, you can now configure Git to use SChannel, the built-in Windows networking layer. This means that it will use the Windows certificate storage mechanism and you do not need to explicitly configure the curl CA storage mechanism.

从适用于Windows 2.14的Git中发行说明:

From the Git for Windows 2.14 release notes:

您可以在Git for Windows 2.14的安装过程中选择新的SChannel机制.您还可以通过运行以下命令来更新现有安装以使用SChannel:

You can choose the new SChannel mechanism during the installation of Git for Windows 2.14. You can also update an existing installation to use SChannel by running:

git config --global http.sslBackend schannel

配置完成后，Git将使用Windows证书存储，并且不需要(实际上应该忽略)http.sslCAInfo配置设置.

Once you have configured this, Git will use the Windows certificate store and should not require (and, in fact, should ignore) the http.sslCAInfo configuration setting.

这篇关于如何配置Git信任Windows证书存储区中的证书?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！