Gitblit:连接到mydomain:443时出现未知SSL协议错误
我在EC2上托管一个gitblit服务器。我已经用它制作了我自己的证书 我能够:Gitblit:连接到mydomain:443时出现未知SSL协议错误,git,curl,openssl,ssl-certificate,gitblit,Git,Curl,Openssl,Ssl Certificate,Gitblit,我在EC2上托管一个gitblit服务器。我已经用它制作了我自己的证书 我能够: 通过https(浏览器)访问gitblit站点 从本地主机(服务器本身)克隆 当我尝试使用mac os git客户端从终端将存储库克隆到pc时 我明白了 使用openssl我得到了 OpenSSL> s_client -tls1_2 -connect mydomain.com:443 CONNECTED(00000003) 140735107039708:error:1409E0E5:SSL routines
OpenSSL> s_client -tls1_2 -connect mydomain.com:443
CONNECTED(00000003)
140735107039708:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1372280840
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
error in s_client
因为我的服务器不需要x11,所以我必须创建自己的密钥库,
我储存
serverKeyStore.jks
- mydomain的私钥
- mydomain类别1初级中间证书
- startcom CA
- startcom 1级初级中间带CA
- startcom CA
- startcom 1类主客户端CA
- startcom 1级主服务器CA
git 1.7.11.1
OpenSSL 1.0.1e 11 Feb 2013
curl 7.26.0 (x86_64-apple-darwin11.3.0) libcurl/7.26.0 OpenSSL/1.0.1e zlib/1.2.8 libidn/1.25
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
尝试注释这行
#server.certificateAlias=localhost
或者将其更改为如下所示
server.certificateAlias=“密钥存储中的域证书别名”
git 1.7.11.1
OpenSSL 1.0.1e 11 Feb 2013
curl 7.26.0 (x86_64-apple-darwin11.3.0) libcurl/7.26.0 OpenSSL/1.0.1e zlib/1.2.8 libidn/1.25
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smtp smtps telnet tftp
Features: IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP