TortoiseHG and wildcard certificates
Having resolved recent SSL certificate issues with Mercurial/TortoiseHG, I now encountered a similar issue with the wildcard certificate for
*.google.com where getting a clone would result in a
"SSL: Server certificate verify failed" error.
One way around this issue is to add the fingerprint for this certificate to your configuration. Currently for
*.google.com this is
4b:b7:cc:81:2c:b9:00:3a:75:97:10:27:43:61:0b:93:d9:7c:3c:19 and one to get this from a Unix command line is with
openssl s_client -connect code.google.com:443 | openssl x509 -in cert-code -fingerprint -noout | tr "[:upper:]" "[:lower:]". This corresponds with Chrome’s certificate view’s thumbprint field, you just need to add colons.
Right click in Explorer, select
TortoiseHG » Global Settings and then click
Edit File and add the following:
code.google.com = 4b:b7:cc:81:2c:b9:00:3a:75:97:10:27:43:61:0b:93:d9:7c:3c:19
This should make Mercurial/TortoiseHG work, at least until the certificate expires and you need to update it with the latest fingerprint.