raggles.kiwi

GitHub for Windows: Can't sync with remote repo

So today I was coding along as usual, but when I tried to sync my repo with GitHub it wouldn't work, and it suggested I try the command line. So try the command line I did, and I got this message:

fatal: unable to access 'https://github.com//': SSL certificate problem: unable to get issuer certificate

This is how to fix it:

Find the Issuer certificate for GitHub's SSL certificate.  In this case we want the "DigiCert SHA2 Extended Validation Server CA".  

This can be downloaded from https://www.digicert.com/digicert-root-certificates.htm.  Next we need to convert it to a base64 encoded X.509 certificate - an easy way to do this is to import it into the Local Machine or Current User certificate store, and then export it in the correct format using certmgr.msc for Current User or cerlm.msc for Local Machine.

Next we need to find where Git stores its certificate bundle file.  We do this using by starting the Git Shell, then entering the following command:

>git config --get http.sslCAInfo
/bin/curl-ca-bundle-ghfw.crt

That only tells us the relative path, so now we need to locate the entire path - first type 'cmd' to escape from powershell then:

>where git
C:\Users\<user>\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\cmd\git.exe
C:\Users\<user>\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\bin\git.exe

Combining these two bits of information we can open the file

C:\Users\<user>\AppData\Local\GitHub\PortableGit_c2ba306e536fdf878271f7fe636a147ff37326ad\bin\curl-ca-bundle-ghfw.crt

with wordpad, and copy the contents of the certificate we exported above to the end of this file.  And that's it!