GitKraken Desktop Documentation

Contact support  
GitKraken Status  

Self-Signed Certificates

GitKraken’s remote hosting platform integrations may require users to have a certificate in place. Follow the instructions below to add a certifiate to your local certificate store.

Adding a Self-Signed Certificate

Self-signed certificates must be added to your trusted root directory before GitKraken will recognize the cert. This can be done through your operating system or in many browsers.

Note: If you have the Git Executable enabled, SSL settings in the global .gitconfig file are honored by GitKraken Desktop for actions performed by the Git executable.

Using Google Chrome on Windows

An easy way to install a certificate so that GitKraken can use it is via Google Chrome.

To generate a self-signed certificate, navigate to your remote hosting services web site. You should see somthing like this:

Click on the certificate, go to Details and click Copy to File... then follow the Certificate Export Wizard.

Once you have the certificate on your machine, in Chrome go to Settings from the menu in the top right.

Then navigate to Privacy & Security Security:

Scroll down and then click Manage certificates. This will open a certificate import wizard dialog box, where you can click import. Follow the instructions in the wizard to browse to your certificate file and complete the installation.

Make sure to add the certificate to your trusted root certificates.

Using Safari on Mac

Open Safari and browse to your remote hosting service.

Click to open cerificate window and view the certificate:

Hold down Option key and drag the certificate icon onto desktop. This should save the file with a .pem extension.

Now double click the file to open your mac keychains.

Locate the certificate in the login section.

Double click on the certificate to open the configuration window. In the first box, change the value to be Always Trust.

Finally, log out and back in again or restart your machine and the certifacte will be recognized.

Using Chrome on Ubuntu Linux

Exporting the certificate onto your machine is very similar to the Chrome instructions for Windows above. However, after you have the certificate downloaded there are some commands required.

  1. Open Google Chrome.
  2. Navigate to the site affected by SSL issues.
  3. Click the upper left Not Secure text, in the URL
  4. Click the Cerificate Is Not Valid option
  5. Click the Details tab
  6. Click Export...
  7. Save with a unique name (the below commands use DOWNLOADED-CERT-NAME), leave as Base64-encoded ASCII, single certificate
  8. In a terminal, navigate to Downloads
  9. Run the following commands in the teminal:
    openssl x509 -outform der -in DOWNLOADED-CERT-NAME -out DOWNLOADED-CERT-NAME.crt
certutil -d sql:$HOME/.pki/nssdb -A -t "CT,C,C" -n DOWNLOADED-CERT-NAME.crt -i DOWNLOADED-CERT-NAME.crt

Finally, run the following to verify it was added:

certutil -d sql:$HOME/.pki/nssdb -L

Now close Chrome completely and re-open. Navigate to the site to confirm that you are no longer recieving a certificate warning.

Common certificate errors

Help, I am getting Invalid SSL Certificate errors!

This typically indicates that there is either an invalid certificate or no certificate detected. To ensure that GitKraken is able to use your certificate, follow the above instructions to add a certificate to your local certificate store.

You may also recieve additional information about why the certificate is detected as invalid:

These will likely require the admin of the remote server to update the indicated field(s) and issue a new certificate. In this example a Server Alternate Name (SAN) is missing or incorrect.

Operating system guides

Looking for another way to add a certificate? Use the below links to get pointed in the right direction for your operating system.

Windows Microsoft Docs
OSX Apple Docs
Linux Ubuntu Docs
Have feedback about this article? Did we miss something? Let us know!
On this page