Server cert verify failed

Hello,

This is the first time I have had a problem with a certificate. The problem is with git, when I do a git clone.

GIT_TRACE=1 GIT_CURL_VERBOSE=1 git clone -c http.sslCAInfo=/etc/ssl/certs/cachain.pem -v https://gitea/renovate/renovate-config .
04:29:47.261389 git.c:460               trace: built-in: git clone -c http.sslCAInfo=/etc/ssl/certs/cachain.pem -v https://gitea/renovate/renovate-config .
Cloning into '.'...
04:29:47.268459 run-command.c:655       trace: run_command: git remote-https origin https://gitea/renovate/renovate-config
04:29:47.273097 git.c:750               trace: exec: git-remote-https origin https://gitea/renovate/renovate-config
04:29:47.273284 run-command.c:655       trace: run_command: git-remote-https origin https://gitea/renovate/renovate-config
04:29:47.294484 http.c:725              == Info: Couldn't find host gitea in the (nil) file; using defaults
04:29:47.297665 http.c:725              == Info:   Trying 192.168.1.100:443...
04:29:47.297868 http.c:725              == Info: Connected to gitea (192.168.1.100) port 443 (#0)
04:29:47.298591 http.c:725              == Info: found 2 certificates in /etc/ssl/certs/cachain.pem
04:29:47.419139 http.c:725              == Info: found 424 certificates in /etc/ssl/certs
04:29:47.419304 http.c:725              == Info: GnuTLS ciphers: NORMAL:-ARCFOUR-128:-CTYPE-ALL:+CTYPE-X509:-VERS-SSL3.0
04:29:47.419467 http.c:725              == Info: ALPN: offers h2,http/1.1
04:29:47.434756 http.c:725              == Info: SSL connection using TLS1.3 / ECDHE_RSA_AES_256_GCM_SHA384
04:29:47.434810 http.c:725              == Info: server cert verify failed: -101
04:29:47.434881 http.c:725              == Info: Closing connection 0
fatal: unable to access 'https://gitea/renovate/renovate-config/': server cert verify failed: -101
::ffff:192.168.1.100:59080 [08/Feb/2025:03:29:47.432] https~ https/<NOSRV> -1/-1/-1/-1/2 0 0 - - PR-- 2/2/0/0/0 0/0 "<BADREQ>" 0/0 TLSv1.3/TLS_AES_256_GCM_SHA384

With curl, no problem:

curl -v https://gitea/renovate/renovate-config --cacert /etc/ssl/certs/cachain.pem
*   Trying 192.168.1.100:443...
* Connected to gitea (192.168.1.100) port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/cachain.pem
*  CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted h2
* Server certificate:
*  subject: C=FR; ST=France; L=Paris; O=Home; CN=gitea
*  start date: May 24 00:18:56 2023 GMT
*  expire date: May 21 00:18:56 2025 GMT
*  subjectAltName: host "gitea" matched cert's "gitea"
*  issuer: C=FR; ST=France; O= Home; CN= Home
*  SSL certificate verify ok.
* using HTTP/2
* h2h3 [:method: GET]
* h2h3 [:path: /renovate/renovate-config]
* h2h3 [:scheme: https]
* h2h3 [:authority: gitea]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x56524906f2d0)
> GET /renovate/renovate-config HTTP/2
> Host: gitea
> user-agent: curl/7.88.1
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
< HTTP/2 303
< cache-control: max-age=0, private, must-revalidate, no-transform
< content-type: text/html; charset=utf-8
< location: /user/login
< set-cookie: i_like_gitea=bv2dpf5654; Path=/; HttpOnly; Secure; SameSite=Lax
< set-cookie: redirect_to=%2Frenovate%2Frenovate-config; Path=/; HttpOnly; Secure; SameSite=Lax
< x-frame-options: SAMEORIGIN
< date: Sat, 08 Feb 2025 03:31:37 GMT
< content-length: 38
<
<a href="/user/login">See Other</a>.

* Connection #0 to host gitea left intact
::ffff:192.168.1.100:39478 [08/Feb/2025:03:31:37.164] https~ gitea/gitea 0/0/0/3/3 303 565 - - ---- 3/2/0/0/0 0/0 "GET https://gitea/renovate/renovate-config HTTP/2.0" 0/0 TLSv1.3/TLS_AES_256_GCM_SHA384

If I put http.sslverify=false, no problem:

GIT_TRACE=1 GIT_CURL_VERBOSE=1 git clone -c http.sslverify=false -v https://gitea/renovate/renovate-config .
04:46:33.056324 git.c:460               trace: built-in: git clone -c http.sslverify=false -v https://gitea/renovate/renovate-config .
Cloning into '.'...
04:46:33.063731 run-command.c:655       trace: run_command: git remote-https origin https://gitea/renovate/renovate-config
04:46:33.067639 git.c:750               trace: exec: git-remote-https origin https://gitea/renovate/renovate-config
04:46:33.067740 run-command.c:655       trace: run_command: git-remote-https origin https://gitea/renovate/renovate-config
04:46:33.093166 http.c:725              == Info: Couldn't find host gitea in the (nil) file; using defaults
04:46:33.097177 http.c:725              == Info:   Trying 192.168.1.100:443...
04:46:33.097404 http.c:725              == Info: Connected to gitea (192.168.1.100) port 443 (#0)
04:46:33.098270 http.c:725              == Info: found 2 certificates in /etc/ssl/certs/cachain.pem
04:46:33.233601 http.c:725              == Info: found 424 certificates in /etc/ssl/certs
04:46:33.234045 http.c:725              == Info: GnuTLS ciphers: NORMAL:-ARCFOUR-128:-CTYPE-ALL:+CTYPE-X509:-VERS-SSL3.0
04:46:33.234135 http.c:725              == Info: ALPN: offers h2,http/1.1
04:46:33.248345 http.c:725              == Info: SSL connection using TLS1.3 / ECDHE_RSA_AES_256_GCM_SHA384
04:46:33.248392 http.c:725              == Info:   server certificate verification SKIPPED
04:46:33.248404 http.c:725              == Info:   server certificate status verification SKIPPED
04:46:33.248733 http.c:725              == Info:   common name: gitea (matched)
04:46:33.248773 http.c:725              == Info:   server certificate expiration date OK
04:46:33.248786 http.c:725              == Info:   server certificate activation date OK
04:46:33.248814 http.c:725              == Info:   certificate public key: RSA
04:46:33.248829 http.c:725              == Info:   certificate version: #3
04:46:33.248949 http.c:725              == Info:   subject: C=FR,ST=France,L=Paris,O=Home,CN=gitea
04:46:33.249036 http.c:725              == Info:   start date: Wed, 24 May 2023 00:18:56 GMT
04:46:33.249073 http.c:725              == Info:   expire date: Sat, 21 May 2025 00:18:56 GMT
04:46:33.249167 http.c:725              == Info:   issuer: C=FR,ST=France,O=Home,CN=Home
04:46:33.249217 http.c:725              == Info: ALPN: server accepted h2

global
    daemon
    log stdout format raw local0
    maxconn 2000
    tune.ssl.default-dh-param 2048

defaults
    mode http
    log global
    retries 3
    timeout http-request 5s
    timeout connect 5s
    timeout server 30s
    timeout client 30s
    timeout queue 1m
    timeout http-keep-alive 10s
    timeout check 10s
    default-server check init-addr last,libc,none resolvers dockerdns

frontend https
    bind :::443 v4v6 ssl crt-list /etc/ssl/private/certslist alpn h2,http/1.1
    option forwardfor
    log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r %[ssl_c_err]/%[ssl_c_ca_err] %sslv/%sslc"

    acl gitea hdr(host) gitea
    use_backend gitea if gitea 

backend gitea
    server gitea gitea:3000

Does somebody have an idea?

The return error is not exactly useful.

Are you running curl and git on the very same host/VM? In case you are not: please run curl from the exact same host as well. Also check that date/time is correct on all hosts.

On the box running git and curl, can you provide the outputs of:

cd /usr/lib/git-core
./git --version
ldd git-http-fetch | grep libcurl

cd /usr/libexec/git-core
./git --version
ldd git-http-fetch | grep libcurl

curl --version
uname -a

You could try a git version that is linked to OpenSSL as opposed to GnuTLS.

Ubuntu starting from Oracular (24.10) and Debian from version 13 have libcurl linked against OpenSSL, which git also uses. Even if it doesn't fix the issue, it may provide a better (actual) error message we can work with. So if you can try this from an Ubuntu 24.10 live CD we may get a better idea.

Could be something like this (certificate order on the server):

Yes, I am running curl and git on the same VM.
The date/time is correct; I use my https://gitea in a browser frequently without problem.
I should specify that I use this CA on 6 VMs with multiple Docker containers and a k8s cluster. I have never seen that.
I didn't notice the problem because I use ssh. I discovered it because I'm interested in Gitea Actions, which uses https.

./git --version
git version 2.39.5

ldd git-http-fetch | grep libcurl
    libcurl-gnutls.so.4 => /lib/x86_64-linux-gnu/libcurl-gnutls.so.4 (0x00007f0657d57000)

curl --version
curl 7.88.1 (x86_64-pc-linux-gnu) libcurl/7.88.1 OpenSSL/3.0.15 zlib/1.2.13 brotli/1.0.9 zstd/1.5.4 libidn2/2.3.3 libpsl/0.21.2 (+libidn2/2.3.3) libssh2/1.10.0 nghttp2/1.52.0 librtmp/2.3 OpenLDAP/2.5.13
Release-Date: 2023-02-20, security patched: 7.88.1-10+deb12u8
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL threadsafe TLS-SRP UnixSockets zstd

uname -a
Linux dev 6.1.0-29-cloud-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.123-1 (2025-01-02) x86_64 GNU/Linux

cat /etc/debian_version
12.9

I tried with Ubuntu Server 24.10, same thing:

./git --version
git version 2.45.2

ldd git-http-fetch | grep libcurl
        libcurl-gnutls.so.4 => /lib/x86_64-linux-gnu/libcurl-gnutls.so.4 (0x00007669eff2b000)

curl --version
curl 8.9.1 (x86_64-pc-linux-gnu) libcurl/8.9.1 OpenSSL/3.3.1 zlib/1.3.1 brotli/1.1.0 zstd/1.5.6 libidn2/2.3.7 libpsl/0.21.2 libssh2/1.11.0 nghttp2/1.62.1 librtmp/2.3 OpenLDAP/2.6.8
Release-Date: 2024-07-31, security patched: 8.9.1-2ubuntu2.2
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp ws wss
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM PSL SPNEGO SSL threadsafe TLS-SRP UnixSockets zstd

uname -a
Linux ubuntuserver 6.11.0-14-generic #15-Ubuntu SMP PREEMPT_DYNAMIC Fri Jan 10 23:48:25 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux

cat /etc/debian_version
trixie/sid

I tried with gnutls-cli for the first time:

gnutls-cli -p 443 gitea --x509cafile /etc/ssl/certs/cachain.pem
Processed 2 CA certificate(s).
Resolving 'gitea:443'...
Connecting to '192.168.1.100:443'...
- Certificate type: X.509
- Got a certificate list of 54 certificates.
- Certificate[0] info:
 - subject `CN=gitea,O=Home,L=Paris,ST=France,C=FR', issuer `CN=Home,O=Home,ST=France,C=FR', serial 0x0f, RSA key 2048 bits, signed using RSA-SHA256, activated `2023-05-24 00:18:56 UTC', expires `2025-05-21 00:18:56 UTC', pin-sha256="+Fxxxx98="
        Public Key ID:
                sha1:eabxxxxc89
                sha256:f858xxxx7df
        Public Key PIN:
                pin-sha256:+Fxxxx98=

- Certificate[1] info:
 - subject `CN=gitea,O=Home,L=Paris,ST=France,C=FR', issuer `CN=Home,O=Home,ST=France,C=FR', serial 0x0f, RSA key 2048 bits, signed using RSA-SHA256, activated `2023-05-24 00:18:56 UTC', expires `2025-05-21 00:18:56 UTC', pin-sha256="+Fxxxx98="
- Certificate[2] info:
 - subject `CN=gitea,O=Home,L=Paris,ST=France,C=FR', issuer `CN=Home,O=Home,ST=France,C=FR', serial 0x0f, RSA key 2048 bits, signed using RSA-SHA256, activated `2023-05-24 00:18:56 UTC', expires `2025-05-21 00:18:56 UTC', pin-sha256="+Fxxxx98="
-----------------> .....repeated x53.....
- Could not verify certificate (err: Some constraint limits were reached.)
*** PKI verification of server certificate failed...
*** Fatal error: Error in the certificate.

Why does it duplicate the certificate 53 times?
And if I try with openssl:

git clone -c http.sslCAInfo=/etc/ssl/certs/cachain.pem -v https://gitea/renovate/renovate-config
fatal: Unsupported SSL backend 'openssl'. Supported SSL backends:
        gnutls

I tried directly with OpenSSL:

(echo -ne "GET / HTTP/1.1\r\nHost: gitea\r\n\r\n") | openssl s_client -connect gitea:443 -CAfile /etc/ssl/certs/cachain.pem
CONNECTED(00000003)
Can't use SSL_get_servername
depth=2 C = FR, ST = France, L = Paris, O = Home, CN = Home
verify return:1
depth=1 C = FR, ST = France, O = Home, CN = Home
verify return:1
depth=0 C = FR, ST = France, L = Paris, O = Home, CN = gitea
verify return:1
---
Certificate chain
 0 s:C = FR, ST = France, L = Paris, O = Home, CN = gitea
   i:C = FR, ST = France, O = Home, CN = Home
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: May 24 00:18:56 2023 GMT; NotAfter: May 21 00:18:56 2025 GMT
 1 s:C = FR, ST = France, L = Paris, O = Home, CN = gitea
   i:C = FR, ST = France, O = Home, CN = Home
   a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA256
   v:NotBefore: May 24 00:18:56 2023 GMT; NotAfter: May 21 00:18:56 2025 GMT
-----------------> .....repeated x53.....
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIETTCCAzWgAwIBAgIBDzANBgkqhkiG9w0BAQsFADBAMQswCQYDVQQGEwJGUjEP
...
JAANqqqMiIvKjKONMKCZQyo/Ng65sPaLGLGOdjFmDTVtn2+fYCZQifayRYV1v+Bw
eA==
-----END CERTIFICATE-----
subject=C = FR, ST = France, L = Paris, O = Home, CN = gitea
issuer=C = FR, ST = France, O = Home, CN = Home
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 60557 bytes and written 377 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: 16EDxxxxD60298
    Session-ID-ctx:
    Resumption PSK: F052C6xxxx795EDE
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - 05 db fa 5e 72 97 1b 98-d7 48 13 05 68 32 87 af   ...^r....H..h2..
    ...
    00c0 - f9 12 0a d7 8b 8c 02 a7-27 e6 e7 c1 42 01 ca ea   ........'...B...

    Start Time: 1739063120
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
    Protocol  : TLSv1.3
    Cipher    : TLS_AES_256_GCM_SHA384
    Session-ID: 3BCCAxxxx24639F
    Session-ID-ctx:
    Resumption PSK: 7C469xxxxD54226
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - 05 db fa 5e 72 97 1b 98-d7 48 13 05 68 32 87 af   ...^r....H..h2..
    ....
    00c0 - 77 be e4 5e 6e d0 be 46-a8 95 0c 5f c8 d9 ac 21   w..^n..F..._...!

    Start Time: 1739063120
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
    Max Early Data: 0
---
read R BLOCK
DONE

We can see Verification: OK with OpenSSL.
I tried switching the root CA and intermediate order.
I’m out of ideas…

Go back to the haproxy server and provide the output of /etc/ssl/private/certslist as well as a grep '-' of each of the files listed in the certslist, so we can see what haproxy loads.

The 53x repetition of the certificate is likely the culprit here; openssl still accepts it but gnutls does not.

Something is wrong with the certificate configuration.
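The condition diagnosed above (a 54-entry certificate list that OpenSSL tolerates but GnuTLS rejects) can be caught before haproxy ever loads the file. The script below is an added example, not code from this thread, from haproxy or from git; it assumes the openssl CLI plus a POSIX shell with awk and sed, and the "Home"/"gitea" names and the throwaway CA it generates are constructed demo data. It splits a PEM bundle (such as a file listed in haproxy's crt-list) into its certificates, reports position, SHA-256 fingerprint, subject and issuer so the leaf-then-issuer order is visible, counts duplicates, writes a de-duplicated copy, and can run the same report against a live server with openssl s_client -showcerts. For context: GnuTLS return code -101 is GNUTLS_E_CONSTRAINT_ERROR ("Some constraint limits were reached"), which is what gnutls-cli printed above; a list padded with 53 copies of the leaf runs into GnuTLS's chain-walking limits, while OpenSSL, which selects the next certificate by issuer lookup rather than walking the list in order, is not bothered by the repeats.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes the openssl CLI and a POSIX
# shell with awk/sed; the "gitea"/"Home" names below are constructed demo data.

# Split a PEM bundle into one file per certificate in DIR (0001.pem, 0002.pem,
# ...) preserving bundle order, and print the file names in that order.
pem_split() {
    bundle=$1; dir=$2
    awk -v dir="$dir" '
        /-----BEGIN CERTIFICATE-----/ { n++; out = sprintf("%s/%04d.pem", dir, n); inblk = 1 }
        inblk { print > (out) }
        /-----END CERTIFICATE-----/ { close(out); inblk = 0 }
    ' "$bundle"
    ls "$dir"/*.pem 2>/dev/null | sort
}

# Number of certificate blocks in a bundle (what the server would send).
pem_cert_count() {
    grep -c -- '-----BEGIN CERTIFICATE-----' "$1" || true
}

# One line per certificate: position, SHA-256 fingerprint, subject, issuer.
# Reading it top to bottom shows whether the order is leaf -> issuer -> root.
pem_report() {
    dir=$(mktemp -d); i=0
    for f in $(pem_split "$1" "$dir"); do
        i=$((i + 1))
        fp=$(openssl x509 -in "$f" -noout -fingerprint -sha256 | sed 's/^.*=//; s/://g')
        subj=$(openssl x509 -in "$f" -noout -subject | sed 's/^subject= *//')
        iss=$(openssl x509 -in "$f" -noout -issuer | sed 's/^issuer= *//')
        printf '%d %s subject=%s issuer=%s\n' "$i" "$fp" "$subj" "$iss"
    done
    rm -rf "$dir"
}

# Number of distinct certificates (by fingerprint) in a bundle.
pem_unique_count() {
    pem_report "$1" | awk '{ print $2 }' | sort -u | wc -l | tr -d ' '
}

# Succeeds only if every certificate in the bundle appears exactly once.
pem_dup_check() {
    total=$(pem_cert_count "$1"); unique=$(pem_unique_count "$1")
    echo "$1: $total certificate(s), $unique distinct"
    [ "$total" -eq "$unique" ]
}

# Write a copy of the bundle that keeps only the first occurrence of each
# certificate, in the original order.
pem_dedupe() {
    bundle=$1; out=$2
    dir=$(mktemp -d); seen=" "
    : > "$out"
    for f in $(pem_split "$bundle" "$dir"); do
        fp=$(openssl x509 -in "$f" -noout -fingerprint -sha256 | sed 's/^.*=//; s/://g')
        case "$seen" in *" $fp "*) continue ;; esac
        seen="$seen$fp "
        cat "$f" >> "$out"
    done
    rm -rf "$dir"
}

# Same report for a live server: capture the chain it actually sends.
tls_chain_report() {
    host=$1; port=${2:-443}
    tmp=$(mktemp)
    openssl s_client -connect "$host:$port" -servername "$host" -showcerts \
        </dev/null 2>/dev/null > "$tmp"
    pem_report "$tmp"
    rm -f "$tmp"
}

# Constructed demo data: a throwaway CA signs a "gitea" leaf, and the bundle
# repeats the leaf 53 times before the CA, like the broken one in the thread.
make_demo_bundle() {
    out=$1; dir=$(mktemp -d)
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj '/O=Home/CN=Home' \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" >/dev/null 2>&1
    openssl req -newkey rsa:2048 -nodes -subj '/O=Home/CN=gitea' \
        -keyout "$dir/leaf.key" -out "$dir/leaf.csr" >/dev/null 2>&1
    openssl x509 -req -days 1 -in "$dir/leaf.csr" -CA "$dir/ca.pem" \
        -CAkey "$dir/ca.key" -set_serial 15 -out "$dir/leaf.pem" >/dev/null 2>&1
    : > "$out"; i=0
    while [ "$i" -lt 53 ]; do cat "$dir/leaf.pem" >> "$out"; i=$((i + 1)); done
    cat "$dir/ca.pem" >> "$out"
    rm -rf "$dir"
}
```

On the haproxy host, run pem_dup_check against each file named in the crt-list (for instance /etc/ssl/private/gitea.pem, a hypothetical path) as a step in the certificate generator, and pem_dedupe to repair an existing bundle; from a client, tls_chain_report gitea prints what the server really sends. For a leaf issued by a two-level CA, a sane bundle shows two or three distinct entries in leaf-then-issuer order, never 54.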

Yes, it was duplicate certificates. I made an error when I wrote the automated certificate generator.
Thank you sincerely for your help :wink:
