Software & AppsOperating SystemLinux

How To Fix “gnutls_handshake() failed” Error in Git for HTTPS Servers

Ubuntu 2

In this article, we will delve into the process of resolving the “gnutls_handshake() failed” error encountered while using Git for HTTPS servers. This error often occurs due to an issue with the gnutls package. A possible solution is to recompile git with openssl instead of gnutls.

Quick Answer

To fix the "gnutls_handshake() failed" error in Git for HTTPS servers, you can recompile Git with OpenSSL instead of GnuTLS. This involves installing the necessary tools and dependencies, creating a directory for the modified Git package, downloading and extracting the Git source code, modifying the Debian/Control file, installing the libcurl4-openssl-dev package, building the modified Git package, and finally, installing the newly built package.

Prerequisites

Before we start, ensure you have administrative access to your system and that your system’s package list is up-to-date. To update your system’s package list, use the following command:

sudo apt-get update

The sudo command allows you to run the command as an administrator, apt-get is the package handling utility in Ubuntu, and update is the command to resynchronize the package index files from their sources.

Installing the Necessary Tools and Dependencies

First, install the necessary build tools and dependencies. The build-essential package contains an informational list of packages that are considered essential for building Ubuntu packages including gcc compiler, make and other required tools. fakeroot and dpkg-dev are tools that allow building packages as non-root user and contain scripts to help in the creation of packages.

Use the following command:

sudo apt-get install build-essential fakeroot dpkg-dev
sudo apt-get build-dep git

The build-dep command installs build dependencies for a given package.

Creating a Directory for the Modified Git Package

Next, create a directory for the modified git package. You can do this using the mkdir command, which stands for “make directory”. Then, navigate to the new directory using the cd command:

mkdir ~/git-openssl
cd ~/git-openssl

Downloading and Extracting the Git Source Code

Now, download the source code for the current version of git using the apt-get source git command. This command fetches the source code for the git package:

apt-get source git

Next, extract the source code using the dpkg-source command:

dpkg-source -x git_1.7.9.5-1.dsc

Replace 1.7.9.5 with the actual version of git in your system.

Modifying the Debian/Control File

Open the debian/control file for editing using the gedit command:

gksu gedit debian/control

In the debian/control file, replace all instances of libcurl4-gnutls-dev with libcurl4-openssl-dev. This step is crucial as it changes the library against which git will be compiled.

Installing the libcurl4-openssl-dev Package

Install the libcurl4-openssl-dev package using the apt-get install command:

sudo apt-get install libcurl4-openssl-dev

Building the Modified Git Package

Now, build the modified git package using the dpkg-buildpackage command:

sudo dpkg-buildpackage -rfakeroot -b

The -rfakeroot option allows the package to be built with root privileges and the -b option instructs the command to build the binary package.

Installing the Newly Built Package

Finally, install the newly built package using the dpkg command:

For i386 architecture:

sudo dpkg -i ../git_1.7.9.5-1_i386.deb

For x86_64 architecture:

sudo dpkg -i ../git_1.7.9.5-1_amd64.deb

Replace 1.7.9.5 with the actual version of git in your system.

Conclusion

This solution has been tested and confirmed to work on various systems, including Ubuntu 14.04 and Linux Mint 16. It has also been recommended for resolving similar issues with the gnutls handshake error when using the repo script to download repositories.

Please note that disabling SSL certificate verification (git config --global http.sslVerify false) is not recommended as it removes protection against man-in-the-middle attacks.

If the provided solution does not work or if you encounter any issues, please refer to the original sources and comments for alternative solutions or further troubleshooting steps. This article is meant to be a comprehensive guide, but it may not cover all possible scenarios or variations of this issue. Always be sure to consult the official documentation and trusted online resources for additional guidance.

What is the “gnutls_handshake() failed” error in Git?

The "gnutls_handshake() failed" error in Git is an error message that occurs when there is an issue with the gnutls package during the SSL/TLS handshake process. It typically happens when trying to connect to an HTTPS server using Git.

What causes the “gnutls_handshake() failed” error in Git?

The "gnutls_handshake() failed" error in Git is often caused by a compatibility issue between the gnutls package and the server’s SSL/TLS configuration. It can also occur if there is a problem with the SSL/TLS certificates on the server.

How can I fix the “gnutls_handshake() failed” error in Git?

One possible solution is to recompile Git with OpenSSL instead of gnutls. This involves downloading the source code for Git, modifying the Debian/control file to use libcurl4-openssl-dev instead of libcurl4-gnutls-dev, and then building and installing the modified Git package.

Is there an alternative solution to fixing the “gnutls_handshake() failed” error in Git?

Yes, an alternative solution is to disable SSL certificate verification in Git using the command git config --global http.sslVerify false. However, this is not recommended as it removes protection against man-in-the-middle attacks.

Can the provided solution work on other Linux distributions besides Ubuntu?

While the provided solution has been tested and confirmed to work on Ubuntu 14.04 and Linux Mint 16, it may also work on other Linux distributions that use the apt package manager. However, there might be slight differences in package names or commands, so it’s always recommended to consult the official documentation or trusted online resources for specific instructions for your distribution.

What should I do if the provided solution does not work for me?

If the provided solution does not work or if you encounter any issues, it is recommended to refer to the original sources and comments for alternative solutions or further troubleshooting steps. Additionally, you can consult the official documentation and trusted online resources for additional guidance. This article provides a comprehensive guide, but it may not cover all possible scenarios or variations of the "gnutls_handshake() failed" error.

Leave a Comment

Your email address will not be published. Required fields are marked *