I am trying to install SmartGit and trying to provide bitbucket as hosting provide. I provide correct credentials of my bitbucket account but I get following error:
=======================================
java.security.cert.CerfiticateException: SHA fingerprint of the certificate does not match.
Expected: [some string]
Actual: [some other string]
This may either mean that the server certificate has changed or that you are spoofed.
=======================================
I think this is related to SSL certificate but do not know how to fix it. Any help will be highly appreciated.
From [1]: to fix SmartGit 5.0.7.1 (and older) add following line to smartgit.properties (in the SmartGit settings directory, see About dialog):
smartgit.hostingProvider.bitbucket.sslFingerprint=37:A8:0E:13:87:DA:13:C3:B8:35:6F:84:EF:74:D2:38:B1:AC:59:9B
After restarting SmartGit, connection will work again.
[1] http://blog.syntevo.com/2014/03/09/1394361360000.html
Same problem here. Guess BitBucket changed their key since the latest version got released.
Solution (or rather, workaround)...:
Don't add BitBucket as a remote provider. Add your URL simply per each project.
Remote -> Add
You can find the URL for your projects on the web interface of BitBucket.
Right after you select a project of yours, a link is displayed on the right side of your screen. It starts with https ... That is what you need.
BitBucket just changed their certificates, as announced on their blog.
On March 7th at 22:00 UTC, we’ll be updating our SSL certificates to replace ones that will be expiring soon. It’s likely that you won’t notice any changes and won’t need to take any action.
You can work around it it using the per-project URLs as described in Shiki's answer.
Just add the following line to your ~/.smartgit/5/smartgit.properties
smartgit.hostingProvider.bitbucket.sslFingerprint=7F:E2:6E:8F:0B:7F:3A:CD:6E:02:54:04:03:57:39:BD:D2:4B:CF:AE
Then re-try adding Bitbucket and it should work.
I had this same issue, but for github and adding the fingerprint to smartgit.properties was not working.
What did work was updating to the latest build (last option in the Help menu).
Related
I am attempting to follow the Hello World example for deploying an AWS Serverless Application, but I get a Security Constraints Not Satisfied Error when using sam deploy --guided. I'm pressing Enter at each prompt to accept the defaults per the tutorial.
The curious bit--to me--is if I use the AWS Toolkit extension for VS Code to deploy the app it works fine, so I don't think it has anything to do with my IAM permission config, but I'm new to this so I'm not ruling it out.
Recently the guided deploy was updated to include a prompt confirming if you were ok with not having any authorization defined. At the same time, a check was added that would fail the guided deploy if you answer 'No'. (See the relevant part of the commit here.)
This means that, as of this commit, you can't go through the AWS Hello World tutorial by responding with Enter to accept the default options.
To successfully deploy from the command line you'll need to confirm 'Yes' that you're ok with not having any authorization defined, and then it should work as expected.
During your sam deploy --guided, at the following question you need to answer YES.
OR
You can do sam deploy which skip that
I am trying to clone a project from my bitbucket to my computer, using SourceTree.
I tried to do so from the web interface :
But it always failed.
Here is the details of the error.
Can you help me please ?
Update: As mentioned below an update (1.6.25) has been released which fixes this error.
Original: Authentication in Version 1.6.24 of SourceTree is currently not working well. Use version 1.6.23 instead. You can find it here: http://downloads.atlassian.com/software/sourcetree/windows/SourceTreeSetup_1.6.23.exe
Enjoy:)
Yes, the problem is with Askpass.exe
We recently changed the logging framework we used to slf4net/log4net and this, unexpectedly is being picked up by askpass.exe.
But unfortunately since askpass.exe has no configuration in place it logs some output to stdout by default, this is interfering with the expected stdout output from askpass.exe.
We will release a 1.6.25 tomorrow with a proper fix.
Work Around
As a temporary workaround copying the attached Askpass.exe.config file in to
C:\Program Files (x86)\Atlassian\SourceTree
will provide the necessary configuration and should fix the multiple authentication requests.
You may find that unfortunately SourceTree has deleted what it thought were 'failing' passwords. Apologies for this you will need to re-enter them.
You can see the issue on Atlassian's own Jira: SRCTREEWIN-3944
Edit: Said update appears to be available now.
Help > Check for Updates > Update
Worked for me
It is because of the update which is the Two-step verification. I suggest you read this first to read more about their update and then you proceed over here. I was able to change my default HTTPS protocol to SSH protocol by following the steps above.
I recently started to use LibGit2Sharp and was able to start using this successfully. However, I am hitting one issue which I am unable to resolve related to SSL verification very similar to this one. For one of my scenario, I need to skip SSL verification.
I get the following exception when I try this scenario.
user cancelled certificate check:
I tried using the solution mentioned in the link above which is as follows.
RemoteCertificateValidationCallback certificateValidationCallback = (sender, certificate, chain, errors) => { return true; };
ServicePointManager.ServerCertificateValidationCallback = certificateValidationCallback;
GlobalSettings.RegisterSmartSubtransport<MockSmartSubtransport>("https");
I placed the above mentioned code before performing the git operation.
I see that the custom certificateValidationCallback is getting called. However, after that the git command fails with the following exception, "The remote server returned an error: (401) Unauthorized."
Any solution to this issue?
For one of my scenario, I need to skip SSL verification.
Then use the http.sslVerify configuration setting. If that doesn't work, file an issue in LibGit2Sharp. But don't try to use your own subtransport.
This is not something that should be done without knowing exactly what you're doing. This is not for trivial little things like SSL certificates, this is for when you have your own complete, existing HTTP stack that you want to use and you simply can't use the one that's included in LibGit2Sharp.
If you're experimenting thinking that maybe using your own subtransport will solve a very simple problem then it won't. And pulling a test out and trying to make it actually work is likely to fail. Now you are responsible for everything like authentication and SSL handling.
Instead, turn off SSL verification with the http.sslVerify configuration setting.
Skipping the TLS certificate check is not currently supported. libgit2 used to honour http.sslverify but that was replaced with a callback to give the caller knowledge about what they were connecting to. This callback allows the user to allow the connection to continue or to abort it. It is unfortunately not implemented at the moment in libgit2sharp.
And as Edward says, replacing the whole HTTP stack is not going to solve much, especially when it's a fake one named so.
I am trying to setup a CI server on my Macbook, I have followed the documentation on the apple website up to the point of creating a bot and integrating my build. When I attempt to integrate the build I repeatedly get the following error:
Bot Issue: error. Build Service Error.
Issue: '/Library/Developer/XcodeServer/Integrations/Caches/14a8ea2a72904f1abcecd38b1c02196b' exists and is not an empty directory (-4).
Integration Number: 13.
Integration URL: https://DavidMcQueens-MacBook-Pro-2.local/xcode/bots/BF817C9/integrations
Description: '/Library/Developer/XcodeServer/Integrations/Caches/14a8ea2a72904f1abcecd38b1c02196b' exists and is not an empty directory (-4).
I have manually deleted the folders in this location, as well as changing the permissions incase the server was having issues writing. Each time I run, I receive the same error. Even after I have deleted the folder so it is empty before the integration.
Does anyone have any ideas on how to solve this issue? I have built my iOS application in Swift (which I believe should still work with the CI server)
I am running OSX Server 4.0 and the latest version of XCode.
I followed Apple's documentation for creating bots
Thanks,
EDIT:
After some experimenting and trying different things to see what the issue is, I disabled 2-factor authentication on my GitHub hosting. This appeared to solve the issue, despite the fact that I was generating a specific application key to get around 2-factor. It solved the issue for a small amount of time, and I managed to successfully get the bot to integrate a few times. However it appears to have gone back to its old tricks.
If anyone has any other knowledge on this, or has managed to get it working on their own machines it will be good to know.
So I believe I have solved this issue, the GitHub 2-factor authentication issue looks to be a red herring.
When setting up the bot, there is a section that says "Checkout the repository", I did not do this step because I already had the repository on my local machine and presumed that it would simply create the repository in another location, and server no other purpose.
However, after some investigation this step is very necessary. From what I understand, checking out the repository does create it again in another location, however this is necessary as this new repository is where the Bot's will pull changes into and build in order to perform the tests. I was trying to use the same repo for development and for the Bots, which it did not like.
Creating a clean checkout of the project (on the server), and configuring the bots in that project then allowed me to progress and get everything setup correctly. It comes down to user error. In hindsight, it makes perfect sense to have a separate repo for the bots (this is my first CI server setup), however the error messages were not helpful and I can't remember seeing this emphasised in the setup guide.
I've got some large problems with my ruby on rails deployment on EY. Support has said I need to SSH in to clear the errors... but I get the following:
###########################################################
# WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! #
###########################################################
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
80:4c:5f:dd:98:bb:cb:01:6c:a9:11:41:29:56:66:86.
Please contact your system administrator.
Add correct host key in /Users/jameshughes/.ssh/known_hosts to get rid of this message.
Offending key in /Users/jameshughes/.ssh/known_hosts:1
RSA host key for ec2-184-73-167-153.compute-1.amazonaws.com has changed and you have requested strict checking.
Host key verification failed.
[Process completed]
How do I add the correct key to the Known_hosts file?
Open up known_hosts in your favorite text editor, find the entry for "ec2-184-73-167-153.compute-1.amazonaws.com" and delete the entire line. The next time you ssh in, it will add the correct key to the known_hosts file.
Note that this error is for security purposes, so I'm assuming that you know that there is not a "man-in-the-middle" attack going on and that the server key has actually changed. If it has not, there might be something else going on.
To fix your "Permission denied (public key)" problem, you'll need to add your public key to engineyard via the Tools menu, then apply your changes to your environment (by clicking apply).
Hope that helps.
Update
Please see #womble's comment below and my reply. As #womble notes, if you use StrictHostKeyChecking no you will be open to man in the middle attacks. I've talked with EngineYard about this (last time I checked, StrictHostKeyChecking no was what they were recommending in their help documentation). I believe using StrictHostKeyChecking=ask is a better alternative. Does anyone else know if there is a better solution than using StrictHostKeyChecking=ask?
I ran into the same issue and this seemed to work for me. You just need to add "StrictHostKeyChecking no" to after "'~/.ssh/config'':"
Engine yard has a pretty good article on it. The Man in the middle issue is near the bottom.
http://docs.engineyard.com/ssh-keys-and-configuration.html
Now when I SSH I still get the warning, but am able to access the server. I started getting the warning after I stopped and restarted my instance.