Web lists-archives.com

Multiple GIT Accounts & HTTPS Client Certificates - Config




Hi folks,

my problem is basically the following: my git server (https) requires
authentication using a clent x509 certificate.

And I have multiple x509 certificates that match the server.

when I access the https server using a browser, the browser asks which
certificate to use and everything is fine.

When I try to access the git server from the command line (git pull or
similar), the git will pick one of the available
certificates (randomly or alphabetically) and try to access the server with
that client certificate. Ending in the situation
that git picks the wrong certificate.

I can workaround by deleting all client certificates from the windows
certificate store except the "correct" one => then git
command line will pick the correct certificate (the only one available) and
everything works as expected.

Workaround is a workaround, I need to use all of the certificates
repeatedly for different repos and different other
aplications (non-git), so I've been deliting and reinstalling the
certificates all the time in the last weeks...

How can I tell git cmd (per config option??) to use a particular client
certificate for authenticating to the https server
(I could provide fingerprint or serial number or sth like that)

current environment: windows 10 and git version 2.18.0.windows.1

Would be absolutely acceptable if git would ask interactively which client
certificate to use (in case its not configurable)

(I asked this question here before:
https://stackoverflow.com/questions/51952568/multiple-git-accounts-https-client-certificates-config
)


Thanks!



-- 
sergei@xxxxxxxxxxxxxxxx
.