| SSL certificate problem

Unable to run script on Windows. I get the following error and I’m unable to install the git hooks.

Setting up git hooks...
fatal: unable to access '': SSL certificate problem: self signed certificate in certificate chain
Failed to install hooks

Not sure what self-signed cert you’re seeing. Can you get more information dumped out somehow?

Based on the error messages it’s failing here in the code:

# Populate ".git/hooks".
echo 'Setting up git hooks...' &&
git_dir=$(git rev-parse --git-dir) &&
mkdir -p "$git_dir/hooks" &&
cd "$git_dir/hooks" &&
if ! test -e .git; then
	git init -q || die 'Could not run git init for hooks.'
fi &&
git fetch -q "$url" "$branch" &&
git reset -q --hard FETCH_HEAD || die 'Failed to install hooks'

I re-forked the repo fresh just to make sure I didn’t do anything weird.

Here is my git version for reference:

$ git --version
git version

Earlier today I received a 502 error running but it worked now.

I’ve seen SSL errors when running in a corporate environment and the URL gets redirected to a website blocked page.

Yeah, if you can clone it manually, I’d chalk it up to temporal failures. The hosting infra has had some hiccups lately.

I’ve retried multiple times it’s most likely not temporal failures. I’ll try my best to dig into it :+1:

Have you tried to make it more verbose to see what’s happening:


You should see something like this:

* Connected to ( port 443 (#0)
* found 417 certificates in /etc/ssl/certs
* ALPN, offering h2
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384
*        server certificate verification OK
*        server certificate status verification SKIPPED
*        common name: * (matched)
*        server certificate expiration date OK
*        server certificate activation date OK
*        certificate public key: RSA
*        certificate version: #3
*        subject: C=US,ST=New York,L=Clifton Park,O=Kitware\, Inc.,CN=*
*        start date: Thu, 12 Nov 2020 00:00:00 GMT
*        expire date: Sat, 04 Dec 2021 23:59:59 GMT
*        issuer: C=US,O=DigiCert Inc,CN=DigiCert TLS RSA SHA256 2020 CA1
*        compression: NULL
* ALPN, server accepted to use h2

If the issuer is different, you may have a SSL decrypting Firewall or Proxy, otherwise it’s a MITM attack.

Do you also have the problem if you try to clone manually? How do you fetch CMake or have you disabled https verification there?
Try this in your CMake clone directory:

git config -l --show-origin | grep -iE "ssl|kitware"
1 Like

I’ll make sure to try this out soon. Thanks for supplying this great info :+1:

I just checked and I’m unable to clone. I must have messed up something in my setup. I’m trying to being able to contribute to both open source via github/gitlab so my setup is a little screwy.

I figured it out. My companies VPN was messing things up. Disabling it fixes the issue.