Issue #2780 resolved

getting warning while using https and ssh push not working

Mukund Rajamannar
created an issue

Hi,

I am getting a warning when I push using HTTPS as below {{{ $ hg push https://mukund@bitbucket.org/xxxxxxx/xxxxxxx pushing to https://mukund@bitbucket.org/xxxxxxx/xxxxxxx warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting) http authorization required realm: Bitbucket.org HTTP user: mukund password: warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting) warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting) warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting) searching for changes warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting) warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting) remote: adding changesets remote: adding manifests remote: adding file changes remote: added 7 changesets with 69 changes to 68 files remote: bb/acl: mukund is allowed. accepted payload. warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)

}}}

and when I push using SSH, I get the error as below.

{{{ $ hg push ssh://hg@bitbucket.org/xxxxxxx/xxxxxxx pushing to ssh://hg@bitbucket.org/xxxxxxx/xxxxxxx remote: ssh: connect to host bitbucket.org port 22: Operation timed out abort: no suitable response from remote hg! }}}

Comments (6)

  1. Erik van Zijst staff

    As of 1.7.3, Mercurial will warn you when it can't verify an SSL certificate. As of 1.7.5, this warning becomes an error that requires using the --insecure option to ignore. The new certificate validation system lets you know that a given HTTPS site is who it says it is.

    By default, stock Mercurial doesn't configure any certificate stores, so it'll say any SSL certificate can't be verified. If you get Mercurial through a distribution like MacPorts, Debian, etc., the distribution should configure that for you.

    Otherwise, you can add the certificate fingerprint to your /.hgrc file like so:

    [hostfingerprints]

    bitbucket.org = 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe

    Cheers, Erik

  2. Log in to comment