Adding self-signed SSL certificate without disabling authority-signed ones

If you are using Git 1.8.5+ (August 2013), you can specify http directives per URL(!).

In your case:

git config --global http."".sslVerify false
# or, if not on default 443 port:
git config --global http."<aPort>/".sslVerify false

That would disable SSL verification only for, not for other URLs.


git config --global http."".sslCAInfo <downloaded certificate>.pem

Same idea: sslCAInfo would point to <downloaded certificate>.pem only for URLs.

It is possible to add your certificate in the Git system certificate store, which, with git-for-windows, would be in C:\path\to\PortableGit-2.6.1-64-bit\usr\ssl\certs\ca-bundle.crt.
It isn’t the best practice, though, unless you have to distribute a Git distro with internal certificates in it.

Leave a Comment