1 [[!meta title="How can I avoid typing my password repeatedly when using git with the smart HTTP transport?"]]
2 It is possible to use git with client certificates. This avoids
3 needing to repeatedly type passwords when using git with the smart
4 HTTP transport. First, you will need a git repository on scripts
5 using the smart HTTP transport. Our autoinstaller (add scripts;
6 scripts-git) will do this for you.
8 ### Extracting a certificate
10 Next, you need to get a copy of your certificate. The easiest way
11 to do this is probably to extract it from your browser.
13 In Chromium, go to Preferences, search for “SSL”, pick “Manage
14 Certificates” -\> “Your Certificates”, and then export your
15 certificate. In Firefox, go to Preferences -\> Advanced -\>
16 Encryption -\> View Certificates and then export your
19 This will export your certificate as a PKCS\#12 file, which git
20 doesn’t know how to handle. To convert it to something git *does*
21 know how to handle, run
22 `openssl pkcs12 -in cert.p12 -out cert.pem -nodes` (leave off the
23 -nodes if you want your certificate to be encrypted, but be aware
24 that you’ll need to type your password repeatedly in that case).
26 ### Telling git to use your cert
28 To tell git about your certificate and the server, you’ll want to
31 git config http.sslCert ~/path/to/ssl/cert.pem
32 git remote set-url origin https://locker.scripts.mit.edu/repo/repo.git
33 git remote set-url --push origin https://locker.scripts.mit.edu:444/repo/repo.git
35 In particular, note the :444 in the latter URL, which causes
36 scripts.mit.edu to use certificates.
38 ### Configuring the server to accept client auth
40 You’ll also need to make sure that the server accepts you when
41 identified by cert. Replace the indented lines between “<Files
42 \_git-auth.cgi\>” and “</Files\>” in the .htaccess with one of the
43 snippets from the [certificate authorization FAQ](/faq/15/).
scripts.mit.edu / www / raw.git / blob