getting warning while using https and ssh push not working

Issue #2780 resolved
Mukund Rajamannar
created an issue

Hi,

I am getting a warning when I push using HTTPS as below
{{{
$ hg push https://mukund@bitbucket.org/xxxxxxx/xxxxxxx
pushing to https://mukund@bitbucket.org/xxxxxxx/xxxxxxx
warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)
http authorization required
realm: Bitbucket.org HTTP
user: mukund
password:
warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)
warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)
warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)
searching for changes
warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)
warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)
remote: adding changesets
remote: adding manifests
remote: adding file changes
remote: added 7 changesets with 69 changes to 68 files
remote: bb/acl: mukund is allowed. accepted payload.
warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)

}}}

and when I push using SSH, I get the error as below.

{{{
$ hg push ssh://hg@bitbucket.org/xxxxxxx/xxxxxxx
pushing to ssh://hg@bitbucket.org/xxxxxxx/xxxxxxx
remote: ssh: connect to host bitbucket.org port 22: Operation timed out
abort: no suitable response from remote hg!
}}}

Comments (6)

  1. Erik van Zijst

    As of 1.7.3, Mercurial will warn you when it can't verify an SSL certificate. As of 1.7.5, this warning becomes an error that requires using the --insecure option to ignore. The new certificate validation system lets you know that a given HTTPS site is who it says it is.

    By default, stock Mercurial doesn't configure any certificate stores, so it'll say any SSL certificate can't be verified. If you get Mercurial through a distribution like MacPorts, Debian, etc., the distribution should configure that for you.

    Otherwise, you can add the certificate fingerprint to your /.hgrc file like so:

    [hostfingerprints]

    bitbucket.org = 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe

    Cheers, Erik

  2. Log in to comment