Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Errro while pushibng : SSL certificate problem: certificate has expired

atuljain707
atuljain707
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 1, 2020

I am getting the 'SSL certificate problem: certificate has expired' while pushing the changes in git using sourcetree.

Please help

Answer
Watch
Like # people like this
7697 views

7 answers

2 votes
engineeredair-webmaster
engineeredair-webmaster June 1, 2020

For me, the problem was related to Sectigo expiring one of their root certificates.  This means that any client/program that uses the old root certificate when attempting to verify SSL certs will throw a "certificate not valid" error.

If this is what you are encountering, you can fix this by re-installing / upgrading git.  This will install the latest root certificates at the same time.

I found this worked on my local machine.

On a remote server that had the same issue, I had to upgrade git, and then re-install the ca-certificates on the server itself with:

sudo apt-get install --reinstall ca-certificates
sudo mkdir /usr/local/share/ca-certificates/cacert.org
sudo wget -P /usr/local/share/ca-certificates/cacert.org http://www.cacert.org/certs/root.crt http://www.cacert.org/certs/class3.crt
sudo update-ca-certificates
git config --global http.sslCAinfo /etc/ssl/certs/ca-certificates.crt

 

Then I still had problems and realized git was looking at the wrong path and had to correct it with the following:

git config --global http.sslCAinfo /etc/ssl/certs/ca-certificates.crt
View More Comments
engineeredair-webmaster
engineeredair-webmaster June 2, 2020

More importantly, I realized that the actual root cause is the SSL certificate on my domain name that I am using for my Bitbucket Server.

The chain certificate had to be updated by removing the expired root certificate.

There is a good page with tools that can help you update your own certificates on your domains:

https://whatsmychaincert.com/

Like Dalectric likes this
Reply
1 vote
Oliver Bischof
Oliver Bischof
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 3, 2020

Updating Git to a newer version installs a new CA chain certificate which is used by Git. That solves the issue.

View More Comments
Dalectric
Dalectric
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 3, 2020

This fixed it for one of my users that had an issue

Like
Andy Ng_
Andy Ng_ July 4, 2020

This fixed for my users as well.

Like
Reply
1 vote
tonybp18
tonybp18
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 1, 2020

I have just set the following variable "http.sslVerify" to false and it worked. Just remember to set change it back later.

For a single repo

git config http.sslVerify false

For all repo

git config --global http.sslVerify false
View More Comments
engineeredair-webmaster
engineeredair-webmaster June 1, 2020

This is not a good long term solution because you are basically choosing to use no encryption when pushing/pulling your code from Bitbucket Server.  This means you are vulnerable to man-in-the-middle attacks.

All of this appears related to this: https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020

Like
Reply
0 votes
engineeredair-webmaster
engineeredair-webmaster June 1, 2020

Has anyone found a fix?  The only thing that has changed on my server is there was an Ubuntu kernel update. 

Reply
0 votes
tonybp18
tonybp18
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 1, 2020

Same here, trying to push changes and msg "SSL certificate problem: certificate has expired" appears.

Reply
0 votes
Настоящий Иванович (Иванович)
Настоящий Иванович (Иванович)
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
June 1, 2020

Yes. I am having this problem. In bamboo also.

Reply
0 votes
engineeredair-webmaster
engineeredair-webmaster June 1, 2020

I am having this problem this morning as well.

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.