我如何让git告诉curl使用openssl而不是gnutls而不重建包?
我们有一个GnuTLS不喜欢的内部服务器,例如:我如何让git告诉curl使用openssl而不是gnutls而不重建包?,git,ubuntu,curl,openssl,gnutls,Git,Ubuntu,Curl,Openssl,Gnutls,我们有一个GnuTLS不喜欢的内部服务器,例如: gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt foo.example.com Processed 173 CA certificate(s). Resolving 'foo.example.com'... Connecting to '1.2.3.4:443'... *** Verifying server certificate failed... *** Fatal er
gnutls-cli --x509cafile /etc/ssl/certs/ca-certificates.crt foo.example.com
Processed 173 CA certificate(s).
Resolving 'foo.example.com'...
Connecting to '1.2.3.4:443'...
*** Verifying server certificate failed...
*** Fatal error: Error in the certificate.
*** Handshake has failed
GnuTLS error: Error in the certificate.
GIT_CURL_VERBOSE=1 git clone https://foo.example.com/some-repo.git
Cloning into 'some-repo'...
* Couldn't find host foo.example.com in the .netrc file; using defaults
* Hostname was NOT found in DNS cache
* Trying 1.2.3.4...
* Connected to foo.example.com (1.2.3.4) port 443 (#0)
* found 173 certificates in /etc/ssl/certs/ca-certificates.crt
* server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
* Closing connection 0
fatal: unable to access 'https://foo.example.com/some-repo.git/': server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none
我们正在努力修复与GnuTLS的不兼容性,但与此同时,是否有办法迫使git告诉curl在运行时使用另一个SSL引擎(即不从源代码重建git)?git是为了使用libcurl而构建的,libcurl是为了使用一个在运行时无法更改的固定TLS库而构建的 但是,您可以强制git在运行时使用不同的libcurl构建,并且libcurl可以使用OpenSSL。最简单的方法是将使用libcurl的OpenSSL放在与“标准”目录不同的目录中,然后执行以下操作之一:
/etc/ld.so.conf致命错误:证书中有错误foo.example.com1.2.3.4