git clone - not `trusted` ssl certificates

A quick post on adding new Certificate Authorities to your SSL client.

Actually, put together so I can do a few other things other than explaining how to Deal with
$ git clone https://git.example.com/kod/example/.git
...
error: server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none while accessing https://source.ipduh.awmn/source/empty/.git/info/refs

fatal: HTTP request failed
...


To resolve it simply add the the certificate authority who signed the HTTPS Host certificate.
eg: for the ipduh repository
# wget https://ipduh.com/ca_cert/ipduhca.crt --no-check-certificate
# cat ipduhca.crt >> /etc/ssl/certs/ca-certificates.crt


You may disable sslVerify all together, but don't do that.
$ git config --global http.sslVerify false


http://alog.ipduh.com/2013/08/git-clone-not-trusted-ssl-certificates.html



add new Certificate Authorities to git