We have a fetch command that runs on a cron script on our production server that picks up changes from our repo. Well it did until yesterday anyway. Today, I upgraded the git on my development computer so I was able to push my changes, but noticed they weren’t showing up on the server. The server is Centos 6.7 running on AWS. I updated the git and curl on the server as far as I could. I verified I was able to initiate an ssl connection with another one of my servers using the 1.2 protocol. However the fetch is still failing with a 35 ssl error. We are dead in the water. Where do I need to look or what can we do to get this working again?
We just recently deployed a change that disables support for deprecated legacy TLS and SSH algorithms:
Could you let us know which client you are using to access GitHub (and version)? We’d recommend updating your client if possible.
We are running Centos 6.7 and an Apache Server.
We had been running git 1.7.1 but I upgraded it to version 2.14.1.
The sequence that is generating the error is:
git --git-dir=/www/ta/git/master/our_repository.git fetch
warning: unsupported ssl version tlsv1.2: using default
fatal: unable to access ‘https://user_name:<repo key>@github.com/our_company/our_repository.git/’: SSL connect error
This has been working flawlessly for the last 2 years until you made the crypto update…
edit / update:
When I run:
openssl s_client -connect xxx.xxx.xxx.xxx:443
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
So it looks like our server will use 1.2
I apologize. Unfortunately, I don’t have the latest information on what is or isn’t compatible and why. Please contact GitHub Support directly via the Contact form at https://github.com/contact. The team there is collecting all the latest information on various configurations and should be able to help you more quickly.
Again, I’m sorry that I have to redirect you to another team like this. It is simply a question of getting you to the right people with the most information.