Suggestion to integrate Mercurial with ca-certificates package.
Oleksandr Gavenko
gavenko@bifit.com.ua
Tue Dec 27 12:07:00 GMT 2011
cygwin# cygcheck -c mercurial
Cygwin Package Information
Package Version Status
mercurial 1.9.3-1 OK
When you try perform communication through HTTPS you get warning:
cygwin# hg identify https://bitbucket.org/django/django
warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)
warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)
warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)
warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)
92c12b8fd96a
When you provide certificate you can not see warning message:
cygwin# hg --config web.cacerts=/usr/ssl/certs/ca-bundle.crt identify https://bitbucket.org/django/django
92c12b8fd96a
I suggest to integrate Cygwin 'mercurial' package with Cygwin
'ca-certificates' like this done in Debian distro:
debian# cat /etc/mercurial/hgrc.d/cacerts.rc
[web]
# user can disable this Debian default by overriding this option in ~/.hgrc
# and/or using the --insecure command line switch
cacerts = /etc/ssl/certs/ca-certificates.crt
I was surprised that 'ca-certificates' have been uploaded to Cygwin
distribution recently:
http://www.cygwin.com/ml/cygwin-announce/2011-11/msg00000.html
To fix issue I create:
cygwin# mkdir /etc/mercurial
cygwin# cat <<EOF >/etc/mercurial/hgrc
[web]
cacerts = /usr/ssl/certs/ca-bundle.crt
EOF
Note that if cacerts point to non-existing file you get error from Mercurial:
cygwin# hg identify https://bitbucket.org/django/django || echo ERROR
abort: could not find web.cacerts: /a/usr/ssl/certs/ca-bundle.crt
ERROR
May be Debian solution with '/etc/mercurial/hgrc.d' sufficient to avoid this
problem.
--
Best regards!
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list