Cannot push anymore after GitHub's crypto removal. How do I fix this?

Hi there,
as of today, I suddenly can no longer push via git to GitHub anymore. As some StackOverflow questions show, this seems to be caused by GitHub’s recent “Weak cryptographic standards removal”.

Now, I have no idea how to push to GitHub. I am using git via terminal on Mac OS X 10.8.5.
git version is 2.2.1 (which I believe is the last version to work with 10.8.5, although right now I don’t find any info to confirm this).

I am not sure, how I had set up my git initially, as I just started out with git back then, and it just worked eversince. I just used to push by simply doing

git push

nothing else. This does not work any longer. Is there any way I can check my setup to find out, what I need to change so I can push again?

Thanks a lot!
trych

Edit: Oh, and the error message I get is the same as in the SO questions:

fatal: unable to access 'https://github.com/foo/bar.git/': error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version
8 Likes

Depending on how you connect to your GitHub repositories (by SSH or HTTPS) you may need to update the version of OpenSSL on your system as well or even build git (and some of its dependencies) from source to ensure that it is using libraries that don’t expect the older crypto protocols.

For faster turnaround on these questions, it is probably best to contact Support directly via the Contact form: https://github.com/contact. There’s a team of people that are collecting the latest bits of info on all the myriad configurations there 😀

1 Like

have a look at your .gitconfig file which is situated in your home folder. For me it kept the old tlsversion in there even after re-installing git. Deleting the line with the version number helped.

On Windows the file is located normally in “C:\Users\User.gitconfig”

There is a tls version missing in the configuration file %HOME%/.gitconfig:

To add the missing tls version definitions: (and fix the problem):

  • git config --global --add htttp.sslVersion tlsv1.1
  • git config --global --add htttp.sslVersion tlsv1.2
  • git config --global --add htttp.sslVersion tlsv1.3

Make sure the sslVersions appear only once in your config file.

Content in my .gitconfig file that fixed this issue:

cat %HOME%.gitconfig
[user]
email = changedname@hotmail.com
name = Changed Name
[gui]
[receive]
denyCurrentBranch = refuse
[gui]
recentrepo = D:/Documents/ConDel/playbooks/lamp_simple
[http]
sslVersion = tlsv1.0
sslVersion = tlsv1.1
sslVersion = tlsv1.2

I’m using Windows 10, not Linux for developing. And Vagrant for running virtual boxes with Linux.

1 Like