I
I
ideas4ru2012-11-07 07:35:14
proxy
ideas4ru, 2012-11-07 07:35:14

Is the proxy trying to spoof the https certificate (hg mercurial)?

Hello!

Faced the following problem. I'm working behind a proxy and trying to push to bitbucket.org using mercurial hg.

pushing to https://[email protected]/user/project
warning: bitbucket.org certificate with fingerprint bf:8b:48:f8:a5:22:43:fd:d2:7
9:bc:1e:6b:c7:19:20:a6:ef:c5:ed not verified (check hostfingerprints or web.cace
rts config setting)
http authorization required
realm: Bitbucket.org HTTP


Google makes it clear that the correct fingerprint from bitbucket.org should start with 81:
That is, it turns out that the proxy intercepts the certificate that is sent by the server and tries to slip its own in order to decrypt the traffic.

According to the idea, you need to take the bitbucket.org certificate in the form of a file somewhere and install it in mercurial hg . What other ideas will there be?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
M
mayorovp, 2012-11-08
@mayorovp

If the certificate is really spoofed, then it remains only to try to bypass the proxy server that replaces it.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question