Pepe Berba has created a nice overview of Linux persistence techniques as a map: https://pberba.github.io/security/2021/11/22/linux-threat-hunting-for-persistence-sysmon-auditd-webshell/
Linux persistence techniques as a map
Git for Windows - Git uses certificate from internal PKI
If you want to git clone a repository from an internal Git server on a Windows machine and that server uses a certificate issued by an internal PKI, you'll receive the error: SSL certificate problem: self signed certificate in certificate chain
PS C:\Users\flo\Splunk> git clone https://git.domain.tld/ansible-playbooks/carbonblack-threatfeeds.git
Cloning into 'carbonblack-threatfeeds'...
fatal: unable to access 'https://git.domain.tld/ansible-playbooks/carbonblack-threatfeeds.git/': SSL certificate problem: self signed certificate in certificate chain
Check your Windows Git settings with git config -l. The attribute http.sslcainfo points to the CA certificate bundle file that Git uses as its certificate authority store.
PS C:\Users\flo\Splunk> git config -l
diff.astextplain.textconv=astextplain
filter.lfs.clean=git-lfs clean -- %f
filter.lfs.smudge=git-lfs smudge -- %f
filter.lfs.process=git-lfs filter-process
filter.lfs.required=true
http.sslbackend=openssl
http.sslcainfo=C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt
core.autocrlf=true
core.fscache=true
core.symlinks=false
pull.rebase=false
credential.helper=manager-core
credential.https://dev.azure.com.usehttppath=true
init.defaultbranch=master
user.email=flo@some.mail
user.name=flo
core.editor="C:\Users\flo\AppData\Local\Programs\Microsoft VS Code\Code.exe" --wait
So append your CA certificate (PEM encoded) to the file "C:/Program Files/Git/mingw64/ssl/certs/ca-bundle.crt". Then it works:
PS C:\Users\flo\Splunk> git clone https://git.domain.tld/ansible-playbooks/carbonblack-threatfeeds.git
Cloning into 'carbonblack-threatfeeds'...
remote: Enumerating objects: 104, done.
remote: Counting objects: 100% (104/104), done.
remote: Compressing objects: 100% (58/58), done.
remote: Total 104 (delta 50), reused 93 (delta 40), pack-reused 0
Receiving objects: 100% (104/104), 20.03 KiB | 2.86 MiB/s, done.
Resolving deltas: 100% (50/50), done.
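As an added example (not code from the original post), the same fix as a PowerShell script: it reads the bundle path from http.sslcainfo, checks that the certificate being added is really a CA and is not already present, and appends it to a per-user copy of the bundle rather than the file under Program Files, which a Git for Windows upgrade replaces. The two file paths in the param block are assumptions.

```powershell
# Added example (not from the original post): put an internal root CA into a
# per-user copy of the bundle named by http.sslcainfo and point Git at the copy.
# Assumed paths: $CaPem holds the CA certificate in PEM form; $Bundle is created here.
param(
    [string]$CaPem  = "$HOME\internal-root-ca.pem",
    [string]$Bundle = "$HOME\.git-ca-bundle.crt"
)
$ErrorActionPreference = 'Stop'

# Parse every certificate in a PEM file into X509Certificate2 objects.
function Get-PemCertificates([string]$Path) {
    $text    = Get-Content -Raw -Path $Path
    $pattern = '-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----'
    foreach ($m in [regex]::Matches($text, $pattern, 'Singleline')) {
        $der = [Convert]::FromBase64String(($m.Groups[1].Value -replace '\s', ''))
        [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($der)
    }
}

# 1. Locate the bundle Git trusts today (the http.sslcainfo value shown by git config -l).
$current = "$(git config --get http.sslcainfo)".Trim()
if (-not $current) { throw 'http.sslcainfo is not set; this script expects the openssl backend' }

# 2. Copy it once to a per-user file; the copy survives Git for Windows upgrades.
if (-not (Test-Path $Bundle)) { Copy-Item -Path $current -Destination $Bundle }

# 3. Sanity-check the certificate being added: it should be a CA (BasicConstraints CA=true).
$ca   = Get-PemCertificates $CaPem | Select-Object -First 1
$isCa = $ca.Extensions |
    Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension] } |
    ForEach-Object { $_.CertificateAuthority }
if (-not $isCa) { Write-Warning "$($ca.Subject) does not carry BasicConstraints CA=true" }

# 4. Append only if the thumbprint is not already in the bundle (idempotent on re-runs).
$known = Get-PemCertificates $Bundle | ForEach-Object { $_.Thumbprint }
if ($known -contains $ca.Thumbprint) {
    Write-Host "Already trusted: $($ca.Subject) [$($ca.Thumbprint)]"
} else {
    Add-Content -Path $Bundle -Value ("`n" + (Get-Content -Raw -Path $CaPem).Trim())
    Write-Host "Appended $($ca.Subject) to $Bundle"
}

# 5. Point Git at the per-user bundle; certificate verification itself stays enabled.
git config --global http.sslcainfo $Bundle
git config --global --get http.sslcainfo
```

Leave http.sslVerify at its default of true; the bundle, not a disabled check, is what makes the internal chain trusted.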
Splunk UseCase for attacks against FortiGate Firewall management interfaces
If you are using Splunk as your SIEM you can try to detect attacks against your FortiGate firewalls by using the following SPL query: index...