Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vit2018-12-24 12:39:24
linux
Vit, 2018-12-24 12:39:24

How to fix a problem with connecting to Bitbucket?

Bitbucket news released: Deprecating TLSv1 and TLSv1.1 .
After that, the server on CentOS 6 stopped updating packages from the repository on Bitbucket.
To check the connection, I run the command:

GIT_CURL_VERBOSE=1 git ls-remote https://bitbucket.org/

As a result, I get an error:
# GIT_CURL_VERBOSE=1 git ls-remote https://bitbucket.org/
* Couldn't find host bitbucket.org in the .netrc file; using defaults
* Hostname was NOT found in DNS cache
* Trying 18.205.93.1...
* Connected to bitbucket.org (18.205.93.1) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -12286 (SSL_ERROR_NO_CYPHER_OVERLAP)
* Cannot communicate securely with peer: no common encryption algorithm(s).
* Closing connection 0
* Couldn't find host bitbucket.org in the .netrc file; using defaults
* Hostname was found in DNS cache
* Trying 18.205.93.1...
* Connected to bitbucket.org (18.205.93.1) port 443 (#1)
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -12286 (SSL_ERROR_NO_CYPHER_OVERLAP)
* Cannot communicate securely with peer: no common encryption algorithm(s).
* Closing connection 1
error: Cannot communicate securely with peer: no common encryption algorithm(s). while accessing https://bitbucket.org//info/refs
fatal: HTTP request failed

OpenSSL version:
# openssl version
OpenSSL 1.1.1a 20 Nov 2018

Help solve the problem, what should I do?
--------------------------------------
The problem was solved by upgrading cURL - How to upgrade cURL in Centos6?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
V
Vovanys, 2018-12-24
@Vovanys

You need to look with which openssl is built by git and curl.

Report
B
Boris Syomov, 2018-12-24
@kotomyava

In general, it is strange to still sit on centos6, when even with 7 it is problematic already without external repositories.
The problem is most likely in nss, and that the necessary ciphers are disabled by default, and not that they are not supported in openssl.
You need:

  • Somehow update nss
  • Find git built without curl support (wget should work for you), or curl without nss support
  • Find how to pass curl when running git option --ciphers ecdhe_rsa_aes_128_gcm_sha_256.

Similar questions
A
alexandrnevajno12017-11-26 03:58:56
PHP - Is it correct to change the extension to .jpg when uploading an image? Why is this option better? 4Reply
W
WayMax2017-06-23 09:58:45
Which virtualization tool to choose? 1Reply
D
DimOFF2017-06-23 11:02:48
Wrong monitor colors on Debian. How to fix? 1Reply
D
dzhikaev2015-07-15 13:35:05
Is it possible to have multiple vncservers open at the same time? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question