| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
| <html> |
| <head> |
| <!-- Begin Header -->
|
| <title>Gitblit</title>
|
| <meta charset="utf-8">
|
| <meta name="ROBOTS" content="INDEX">
|
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
| <meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
|
| <link rel="stylesheet" href="./bootstrap/css/bootstrap.css"> |
| <link rel='shortcut icon' type='image/png' href='./gitblt-favicon.png' /> |
| <link rel="stylesheet" href="./prettify/prettify.css" /> |
| <!-- Google Plus Profile Page -->
|
| <link rel="publisher" href="https://plus.google.com/114464678392593421684" />
|
| <style type="text/css"> a.gpluspage { margin-top:3px;text-decoration: none; } </style> |
| |
| <!-- Google Plus One -->
|
| <link rel="canonical" href="http://gitblit.com" />
|
| <script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
|
| <style type="text/css"> div.gplusone { margin-top:12px; } </style> |
| |
| <script src="./prettify/prettify.js"></script> |
| <script src="./bootstrap/js/jquery.js"></script> |
| <script src="./bootstrap/js/bootstrap.min.js"></script> |
| </head> |
| <body onload='prettyPrint()'> <!-- Navigation Bar -->
|
| <div class="navbar navbar-fixed-top">
|
| <div class="navbar-inner">
|
| <div class="container">
|
| <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
|
| <span class="icon-bar"></span>
|
| <span class="icon-bar"></span>
|
| <span class="icon-bar"></span>
|
| </a>
|
| <a class="brand" href="./"><img src="./gitblt_25_white.png" alt="Gitblit"></img></a>
|
| <div class="nav-collapse">
|
| <ul class="nav">
|
| <li class='dropdown'> <!-- Menu --> |
| <a class='dropdown-toggle' href='#' data-toggle='dropdown'>about<b class='caret'></b></a> |
| <ul class='dropdown-menu'> |
| <li><a href='index.html'>overview</a></li> |
| <li><a href='features.html'>features</a></li> |
| <li><a href='screenshots.html'>screenshots</a></li> |
| </ul></li> <!-- End Menu --> |
| <li class='dropdown'> <!-- Menu --> |
| <a class='dropdown-toggle' href='#' data-toggle='dropdown'>documentation<b class='caret'></b></a> |
| <ul class='dropdown-menu'> |
| <li class='dropdown-submenu'> <!-- Submenu --> |
| <a tabindex='-1' href='#'>Gitblit GO</a> |
| <ul class='dropdown-menu'> |
| <li><a href='setup_go.html'>setup GO</a></li> |
| <li><a href='upgrade_go.html'>upgrade GO</a></li> |
| </ul></li> <!-- End Submenu --> |
| <li class='divider'></li> |
| <li class='dropdown-submenu'> <!-- Submenu --> |
| <a tabindex='-1' href='#'>Gitblit WAR</a> |
| <ul class='dropdown-menu'> |
| <li><a href='setup_war.html'>setup WAR</a></li> |
| <li><a href='upgrade_war.html'>upgrade WAR</a></li> |
| </ul></li> <!-- End Submenu --> |
| <li class='divider'></li> |
| <li class='dropdown-submenu'> <!-- Submenu --> |
| <a tabindex='-1' href='#'>Server Configuration</a> |
| <ul class='dropdown-menu'> |
| <li><a href='administration.html'>administration</a></li> |
| <li><a href='setup_authentication.html'>authentication</a></li> |
| <li><a href='setup_hooks.html'>push hooks</a></li> |
| <li><a href='setup_lucene.html'>lucene indexing</a></li> |
| <li><a href='setup_proxy.html'>reverse proxies</a></li> |
| <li><a href='setup_clientmenus.html'>client app menus</a></li> |
| <li><a href='setup_bugtraq.html'>bugtraq</a></li> |
| <li><a href='setup_mirrors.html'>mirrors</a></li> |
| <li><a href='setup_scaling.html'>scaling</a></li> |
| <li><a href='setup_fail2ban.html'>fail2ban</a></li> |
| <li><a href='setup_filestore.html'>filestore (Git LFS)</a></li> |
| <li class='divider'></li> |
| <li><a href='setup_viewer.html'>Gitblit as a viewer</a></li> |
| </ul></li> <!-- End Submenu --> |
| <li class='divider'></li> |
| <li class='dropdown-submenu'> <!-- Submenu --> |
| <a tabindex='-1' href='#'>Client Usage</a> |
| <ul class='dropdown-menu'> |
| <li><a href='setup_transport_http.html'>using HTTP/HTTPS</a></li> |
| <li><a href='setup_transport_ssh.html'>using SSH</a></li> |
| <li><a href='eclipse_plugin.html'>using the Eclipse plugin</a></li> |
| </ul></li> <!-- End Submenu --> |
| <li class='divider'></li> |
| <li class='dropdown-submenu'> <!-- Submenu --> |
| <a tabindex='-1' href='#'>Tickets</a> |
| <ul class='dropdown-menu'> |
| <li><a href='tickets_overview.html'>overview</a></li> |
| <li><a href='tickets_using.html'>using</a></li> |
| <li><a href='tickets_barnum.html'>barnum</a></li> |
| <li><a href='tickets_setup.html'>setup</a></li> |
| <li><a href='tickets_replication.html'>replication & advanced administration</a></li> |
| </ul></li> <!-- End Submenu --> |
| <li class='divider'></li> |
| <li class='dropdown-submenu'> <!-- Submenu --> |
| <a tabindex='-1' href='#'>Plugins</a> |
| <ul class='dropdown-menu'> |
| <li><a href='plugins_overview.html'>overview</a></li> |
| <li><a href='plugins_extensions.html'>extension points</a></li> |
| </ul></li> <!-- End Submenu --> |
| <li class='divider'></li> |
| <li><a href='federation.html'>federation</a></li> |
| <li class='divider'></li> |
| <li><a href='properties.html'>settings</a></li> |
| <li><a href='faq.html'>faq</a></li> |
| <li class='divider'></li> |
| <li><a href='design.html'>design</a></li> |
| <li><a href='rpc.html'>rpc</a></li> |
| </ul></li> <!-- End Menu --> |
| <li class='dropdown'> <!-- Menu --> |
| <a class='dropdown-toggle' href='#' data-toggle='dropdown'>releases<b class='caret'></b></a> |
| <ul class='dropdown-menu'> |
| <li><a href='releasenotes.html'>release notes</a></li> |
| <li><a href='releases.html'>release history</a></li> |
| </ul></li> <!-- End Menu --> |
| <li class='dropdown'> <!-- Menu --> |
| <a class='dropdown-toggle' href='#' data-toggle='dropdown'>downloads<b class='caret'></b></a> |
| <ul class='dropdown-menu'> |
| <li><a href='http://dl.bintray.com/gitblit/releases/gitblit-1.8.0.zip'>Gitblit GO (Windows)</a></li> |
| <li><a href='http://dl.bintray.com/gitblit/releases/gitblit-1.8.0.tar.gz'>Gitblit GO (Linux/OSX)</a></li> |
| <li><a href='http://dl.bintray.com/gitblit/releases/gitblit-1.8.0.war'>Gitblit WAR</a></li> |
| <li class='divider'></li> |
| <li><a href='https://registry.hub.docker.com/u/jmoger/gitblit/'>Gitblit GO (Docker)</a></li> |
| <li class='divider'></li> |
| <li><a href='http://plugins.gitblit.com'>Plugins Registry</a></li> |
| <li class='divider'></li> |
| <li><a href='http://dl.bintray.com/gitblit/releases/manager-1.8.0.zip'>Gitblit Manager</a></li> |
| <li><a href='http://dl.bintray.com/gitblit/releases/fedclient-1.8.0.zip'>Federation Client</a></li> |
| <li class='divider'></li> |
| <li><a href='http://dl.bintray.com/gitblit/releases/gbapi-1.8.0.zip'>API Library</a></li> |
| <li class='divider'></li> |
| <li><a href='https://bintray.com/gitblit/releases/gitblit'>Bintray (1.4.0+)</a></li> |
| <li><a href='https://code.google.com/p/gitblit/downloads/list?can=1'>GoogleCode (pre-1.4.0)</a></li> |
| <li class='divider'></li> |
| <li><a href='http://gitblit.github.io/gitblit-maven'>Maven Repository</a></li> |
| </ul></li> <!-- End Menu --> |
| <li class='dropdown'> <!-- Menu --> |
| <a class='dropdown-toggle' href='#' data-toggle='dropdown'>links<b class='caret'></b></a> |
| <ul class='dropdown-menu'> |
| <li><a href='https://dev.gitblit.com'>dev.gitblit.com (self-hosted)</a></li> |
| <li class='divider'></li> |
| <li><a href='http://plugins.gitblit.com'>Plugins Registry</a></li> |
| <li class='divider'></li> |
| <li><a href='https://github.com/gitblit/gitblit'>Github</a></li> |
| <li><a href='https://github.com/gitblit/gitblit'>Issues</a></li> |
| <li><a href='http://groups.google.com/group/gitblit'>Discussion</a></li> |
| <li><a href='https://twitter.com/gitblit'>Twitter</a></li> |
| <li><a href='http://www.ohloh.net/p/gitblit'>Ohloh</a></li> |
| <li class='divider'></li> |
| <li><a href='https://vimeo.com/86164723'>Gitblit Tickets screencast</a></li> |
| <li><a href='https://asciinema.org/a/9342'>Gitblit SSH and Plugin Management asciicast</a></li> |
| <li><a href='http://episodes.gitminutes.com/2014/05/gitminutes-29-james-moger-on-gitblit.html'>GitMinutes #29: James Moger on Gitblit</a></li> |
| <li class='divider'></li> |
| <li><a href='https://twitter.com/JamesMoger'>@JamesMoger</a></li> |
| </ul></li> <!-- End Menu --> |
| <li class='divider-vertical'></li> |
| <li><a href='https://plus.google.com/114464678392593421684?prsrc=3' class='gpluspage'><img src='https://ssl.gstatic.com/images/icons/gplus-16.png' width='16' height='16 style='order: 0;'/></a></li><li><div class='gplusone'><g:plusone size='small' href='http://gitblit.com'></g:plusone></div></li>
|
| </ul>
|
| </div><!--/.nav-collapse -->
|
| </div>
|
| </div>
|
| </div><!-- end Navigation Bar --> |
| <div class='container'> |
| <!-- Begin Markdown --> |
| <h2 class="section" id='H1'><a href="#H1" class="sectionlink"><i class="icon-share-alt"> </i></a>Using the HTTP/HTTPS transport</h2> |
| <h3 class="section" id='H2'><a href="#H2" class="sectionlink"><i class="icon-share-alt"> </i></a>Https with Self-Signed Certificates</h3><p>You must tell Git/JGit not to verify the self-signed certificate in order to perform any remote Git operations.</p><p><strong>NOTE:</strong><br/>The default self-signed certificate generated by Gitblit GO is bound to <em>localhost</em>.<br/>If you are using Eclipse/EGit/JGit clients, you will have to generate your own certificate that specifies the exact hostname used in your clone/push url.<br/>You must do this because Eclipse/EGit/JGit (< 3.0) always verifies certificate hostnames, regardless of the <em>http.sslVerify=false</em> client-side setting. </p> |
| <ul> |
| <li><strong>Eclipse/EGit/JGit</strong> |
| <ol> |
| <li>Window->Preferences->Team->Git->Configuration</li> |
| <li>Click the <em>New Entry</em> button</li> |
| <li> |
| <pre>Key = <em>http.sslVerify</em> |
| Value = <em>false</em></pre></li> |
| </ol></li> |
| <li><strong>Command-line Git</strong> (<a href="http://www.kernel.org/pub/software/scm/git/docs/git-config.html">Git-Config Manual Page</a>)<br/><pre>git config --global --bool --add http.sslVerify false</pre></li> |
| </ul><p><strong>NOTE:</strong><br/>When generating self-signed certificates, the default Java TLS settings will be used. These default settings will generate a weak Diffie-Hellman key.<br/><h4 class="section" id='H3'><a href="#H3" class="sectionlink"><i class="icon-share-alt"> </i></a>Java 8</h4><br/>The default is a 1024 bit DH key.<br/>You can up the number of bits used by appending the following command line parameter when starting Gitblit:<br/><pre>-Djdk.tls.ephemeralDHKeySize=2048</pre><br/>2048 bits is the maximum (Java limitation), and is still considered secure as of this writing.<br/><h4 class="section" id='H4'><a href="#H4" class="sectionlink"><i class="icon-share-alt"> </i></a>Java 7</h4><br/>The default is a 768 bit key. <b>This is hardcoded in Java 7 and cannot be changed.</b>. It is very weak. If you require longer DH keys, use Java 8.</p> |
| <h3 class="section" id='H5'><a href="#H5" class="sectionlink"><i class="icon-share-alt"> </i></a>Http Post Buffer Size</h3><p>You may find the default post buffer of your git client is too small to push large deltas to Gitblit. Sometimes this can be observed on your client as <em>hanging</em> during a push. Other times it can be observed by git erroring out with a message like: error: RPC failed; result=52, HTTP code = 0.</p><p>This can be adjusted on your client by changing the default post buffer size:<br/><pre>git config --global http.postBuffer 524288000</pre></p> |
| <h3 class="section" id='H6'><a href="#H6" class="sectionlink"><i class="icon-share-alt"> </i></a>Disabling SNI</h3><p>You may run into SNI alerts (Server Name Indication). These will manifest as failures to clone or push to your Gitblit instance.</p> |
| <h4 class="section" id='H7'><a href="#H7" class="sectionlink"><i class="icon-share-alt"> </i></a>Java-based Clients</h4><p>Luckily, Java 6-based clients ignore SNI alerts but when using Java 7-based clients, SNI checking is enabled by default. You can disable SNI alerts by specifying the JVM system parameter <code>-Djsse.enableSNIExtension=false</code> when your Java-based client launches.</p><p>For Eclipse, you can append <code>-Djsse.enableSNIExtension=false</code> to your <em>eclipse.ini</em> file.</p> |
| <h4 class="section" id='H8'><a href="#H8" class="sectionlink"><i class="icon-share-alt"> </i></a>Native Clients</h4><p>Native clients may display an error when attempting to clone or push that looks like this:</p><p><pre>C:\projects\git\gitblit>git push rhcloud master |
| error: error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112) while accessing https://demo-gitblit.rhcloud.com/git/gitblit.git/info/refs?service=git-receive-pack |
| fatal: HTTP request failed |
| </pre> |
| <!-- End Markdown --> |
| <div ><ul class="pager"> <li class="next"><a href="setup_transport_ssh.html">using SSH →</a></li></ul></div><footer class="footer"><p class="pull-right">generated 2016-06-22</p>
|
| <p>The content of this page is licensed under the <a href="http://creativecommons.org/licenses/by/3.0">Creative Commons Attribution 3.0 License</a>.</p> |
| </footer> |
| </div> |
| <!-- Google Analytics -->
|
| <script type="text/javascript">
|
| var _gaq = _gaq || [];
|
| _gaq.push(['_setAccount', 'UA-24377072-1']);
|
| _gaq.push(['_trackPageview']);
|
|
|
| (function() {
|
| var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
|
| ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
|
| var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
|
| })();
|
| </script> |
| |
| </body> |
| </html> |