I want to push my commits to a Bitbucket repository but this error occurred:
Fatal: unable to access
'https://[email protected]/myUsername/myRepository.git/':
Unknown SSL protocol error in connection to bitbucket.org:443
This question is related to
git
ssl
push
bitbucket
atlassian-sourcetree
having 2 computers,
number one is my corporate lab-top connected via VPN to our corporate network. That is like being inside the company behind big firewalls and a bunch of routers, with folk, internal and external (even telecom) fiddling around on the network and the firewall, and to reach out, I have to provide credentials such as proxy user and password and even then, sometimes it works and sometimes not.
i.e. I can reach out through the firewall using SVN JSVN MAVEN downlaods, ANT downloads, and I can use git clone http://git... repos.
But I can not do git clone https://git... repo. I this latest case I get this error.
The number two computer on-site with me is my little lab-top from home, nothing special, connected through WAN to the www and getting stuff down with all the mentioned tools above plus git clone https://git... repo works like a sniff without doing something special.
Conclusion: Sitting behind a "somehow managed firewall" is often the reason for troubles. To figure that out, take your little unprotected lab-top and have a www connection from home and if it runs, don't waste the time with your security guys, they will work for weeks unless the know why it does not work in your case, and maybe you can share with a portable drive the cloned git repo.
Josef - getting old with wasting time in such situations ;-)
I faced this issue while i was using version control in Android Studio 2.1.3, the scenario i faces was as follows :
1- i opened the IDE and clicked on the "update / pull" icon (Ctrl+T)
2- it did not ask for the Master password and it failed, gave me this error :
Unknown SSL protocol error in connection to bitbucket.org:443
3- i tried to fetch the repository (right click > git > repository > fetch)
4- it asked me for the master password and i entered it
5- it tried to fetch but it failed again and again and again
6- i restarted Android studio
7- i tried to fetch the repository (right click > git > repository > fetch)
8- it asked me for the master password and i entered it
9- now things are OK, every thing goes fine
Conclusion :
maybe Android Studio needs the Master password first before any git actions, else it will keep failing even if it asked for Master password later on, i don't know, this is the scenario that happened to me
In many cases it is linked to proxy problems. If so just config your git proxy
git config --global http.proxy HOST:PORT
This error also comes up with the Server is down. Email from tech support on the issue:
"We experienced an outage where it affected traffic to the website, as well as Mercurial and Git traffic over HTTPS. SSH was unaffected though. Feel free to check this page for more info:
So try again later and it could work itself out. Did for me
The corporate HTTP proxy behind which I currently am sporadically gives this error. I can fix it by simply visiting bitbucket.org in a browser, then retyring the command. Have no idea why this works, but it does fix it for me (at least temporarily).
If you meet "Unknown SSL protocol error in connection to bitbucket.org:443" and you are in China, maybe github is been blocked by firewall temporarily. You can try to use VPN, which would work out. Good Luck!
I was getting that behind a corporate proxy.
Solved by:
git config http.sslVerify "false"
Setting the following git setting fixed this for me
git config --global --add http.sslVersion tlsv1.0
I'm guessing the corporate proxy server did not like the default encryption protocol.
I use tortoiseGit. I had the same problem. Then in push settings I unchecked "autoload putty key", tried to push, then I checked it again, and pushed, and it worked. But seriously, I don't know why.
execute
nc -v -z <git-repository> <port>
your out put should look like
"Connection to <git-repository> <port> port [tcp/*] succeeded!"
if you get
connect to <git-repository> <port> (tcp) failed: Connection timed out
You need to edit your ~/.ssh/config file. Add something like the following:
Host example.com
Port 1234
I was able to solve it by running
git config --list --show-origin
and then seeing that I had a line:
file:c:/Users/user/.gitconfig http.sslversion=sslv3
I edited the file, c:/Users/user/.gitconfig, and deleted the line [http] and the line sslversion=sslv3 and that fixed it for me.
I get the same problem. With the last version of git and no proxy.
I fixed it:
More info: create the key
This error happen to me when push big amount of sources (Nearly 700Mb), then I try to push it partially and it was successfully pushed.
You can get more information with
# Windows
set GIT_CURL_VERBOSE=1
set GIT_TRACE_PACKET=2
# Unix
export GIT_CURL_VERBOSE=1
export GIT_TRACE_PACKET=2
And then try a git push.
Double-check your proxy settings if you have one.
Note: git 2.8 (March 2016) adds more information on an error 35:
See commit 0054045 (14 Feb 2016) by Shawn Pearce (spearce).
(Merged by Junio C Hamano -- gitster -- in commit 97c49af, 24 Feb 2016)
remote-curl: includecurl_errorstron SSL setup failuresFor
curlerror 35 (CURLE_SSL_CONNECT_ERROR) users need the additional text stored inCURLOPT_ERRORBUFFERto debug why the connection did not start.
This iscurl_errorstrinside ofhttp.c, so include that in the message if it is non-empty.
Also check out the common causes for that message:
If it was working before, and not working today, it is possible the SSL private key has expired on the BitBucket side (see below, reason #3), but that doesn't seem to be the case here (the certificate is valid until 12/03/2014).
Firing off a request like the following, results in the Unknown SSL Protocol error:
curl --sslv2 https://techstacks-tools.appspot.com/
Why? Well, in this case it is because the techstacks tools site does not support SSLv2, thus, generating the curl (35) error.
You could be trying to connect to the site using an ssl cipher that the site is configured to reject.
For example, anonymous ciphers are typically disabled on ssl-encrypted sites that are customer-facing. (Many of us set a blanket rejection policy on any SSL-encrypted web site—regardless of it's purpose.)
The following command string "can" also result in the curl (35) error:
curl --ciphers ADH-RC4-MD5 https://some_web_site.some_domain.com/
Unfortunately, the type of error response you can get from curl depends largely upon the ssl server. On some sites, you'll receive the Unknown SSL Protocol error but on my techstacks-tools site, I get:
curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
Kudos to Google because this particular error is a bit more descriptive than the one my websites at work generate because this at least tells you that a ssl socket was started but because of handshake failures, the socket was never able to complete.
Try connecting to the site with a cipher that the site supports. Not sure which cipher to use? Well, let me introduce my cryptonark ssl cipher tester...
I came across this one earlier today working with an old WebSeAL site.
In IBM GSKit, you can specify how long the private key password is valid. After reaching a certain date, you will still be able to get webseal started and listening on port 443 (or whatever you set your https-port value to) but you will not be able to successfully negotiate an SSL session.
In today's case, the old WebSEAL instance was using long-expired kdb file with a long expired private key password. Once replaced with the correct, more-up-to-date version, everything worked again.
Some ISP's and DNS providers like to intercept your failed DNS queries in order to redirect you to a search engine results-style page offering you alternative URLs or "Did you mean...?" counter-query results.
If you see an error like this:
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol,
it could be due to you typing the hostname incorrectly or the hostname is not yet tabled in your DNS. You can verify that with a simple "
host" or "nslookup".
Note (August 2015): Git 2.6+ (Q3 2015) will allow to specify the SSL version explicitly:
http: add support for specifying the SSL version
See commit 01861cb (14 Aug 2015) by Elia Pinto (devzero2000).
Helped-by: Eric Sunshine (sunshineco).
(Merged by Junio C Hamano -- gitster -- in commit ed070a4, 26 Aug 2015)
http.sslVersion
The SSL version to use when negotiating an SSL connection, if you want to force the default.
The available and default version depend on whether libcurl was built against NSS or OpenSSL and the particular configuration of the crypto library in use. Internally this sets the 'CURLOPT_SSL_VERSION' option; see the libcurl documentation for more details on the format of this option and for the ssl version supported.
Actually the possible values of this option are:
- sslv2
- sslv3
- tlsv1
- tlsv1.0
- tlsv1.1
- tlsv1.2
Can be overridden by the '
GIT_SSL_VERSION' environment variable.
To force git to use libcurl's default ssl version and ignore any explicithttp.sslversionoption, set 'GIT_SSL_VERSION' to the empty string.
I had the same issue, tried all changing SSL settings that are provided here. If you are in the corporate network and ssh keys used in such tools like Gerrit. 1. Get your ssh key, 2. Visit Bitbucket and navigate to Profile >> Settings >> SSH Keys >> Add Key.
After ssh key addition, try to push again.
Source: Stackoverflow.com