Issue
When connecting via https to a git server, it returns a Peer certificate cannot be authenticated with known CA certificates error:
stderr: fatal: unable to access 'https://git.example.com/user/repo.git/': Peer certificate cannot be authenticated with known CA certificates
Resolution
Git uses curl to access the https servers, so you need to import the certificate into the CA store of the system.
The steps to import the certificate on your system CA store vary depending on your OS:
Debian/Ubuntu
openssl s_client -showcerts -connect example.com:443 </dev/null 2>/dev/null|openssl x509 -outform PEM > example_com.crt sudo cp example_com.crt /usr/local/share/ca-certificates/example_com.crt sudo update-ca-certificates
Workaround
The workaround is to define the environment variable GIT_SSL_NO_VERIFY=1 on your Agent environment variables. Be aware that this is ultimately unsafe, insecure, and not recommended. Please only use the workaround if no other options are available.
This article is part of our Knowledge Base and is provided for guidance-based purposes only. The solutions or workarounds described here are not officially supported by CloudBees and may not be applicable in all environments. Use at your own discretion, and test changes in a safe environment before applying them to production systems.