1. Sebastian Sebastian
  2. scm-manager
  3. Issues


Issue #16 resolved

https issues

Anonymous created an issue


I just changed the SCM manager settings to use https on an different port but now I can't reach the SCM Manager again.

using https://host:sslport/scm

any idea?

From the system output I can't see any entry about sslport (using 8001).

Just the http port is shown at the end: 2011-05-16 14:06:37.951:INFO::Started SelectChannelConnector@

but http://hostname:port/scm is not working as well.


Comments (19)

  1. Sebastian Sebastian repo owner

    To disable the https redirect do the following steps:

    Edit the config.xml in your scm home. Search the line


    and replace it with:


    Restart the scm-server.

  2. Anonymous

    okay, looks like this is not so easy to handle because there is no listener configured from my site.

    I have no idea how to do this.......

  3. Sebastian Sebastian repo owner

    That is not a problem. Start the cmd.exe and run the keytool.exe. If the keytool.exe is not in your path then you must use the complete path. For example:

    c:\Progamm Files\java\jdk1.6.x\bin\keytool.exe -genkey -alias scm -keyalg RSA -keystore keystore.jks
  4. Anonymous

    okay - scm manager is using ssl now.

    When I try to clone the repository now

    git clone https://host.com:8181/git

    I receive an error

    error: error setting certificate verify locations: CAfile: /bin/curl-ca-bundle.crt CApath: none

    What does this need?

  5. Sebastian Sebastian repo owner

    For the nice way you have to export the certificate from keystore:

    keytool -exportcert -keystore keystore.jks -alias scm -rfc -file cert.pem

    And set the absolute path to cert.pem as sslCAInfo path:

    git config http.sslCAInfo c:\scm-server\conf\cert.pem
  6. Sebastian Sebastian repo owner

    It is not really a git issue. It is the normal behavior of a ssl connection. If the client could not verify the certificate, it abort the connection (same behavior you could watch with a browser and a self signed certificate). Https works for github, because they have signed their certificate by a authority like verisign. You could also use a signed certificate with scm-manager, than you don't have to configure "http.sslVerify" or "http.sslCAInfo". For more information's on ssl connections http://en.wikipedia.org/wiki/Secure_Sockets_Layer. Next time please write to the mailing list https://groups.google.com/group/scmmanager for questions.

  7. Log in to comment