From be71e5c15e6c48fb5556c7664a149eb481eb0ebb Mon Sep 17 00:00:00 2001
From: Edward Z Yang <ezyang@mit.edu>
Date: Sun, 29 Jul 2012 22:30:26 -0400
Subject: [PATCH] Import from TextPattern

---
 faq/146.mdwn | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 faq/146.mdwn
diff --git a/faq/146.mdwn b/faq/146.mdwn
new file mode 100644
index 0000000..091a3b4
--- /dev/null
+++ b/faq/146.mdwn
@@ -0,0 +1,46 @@
+[[!meta title="How can I avoid typing my password repeatedly when using git with the smart HTTP transport?"]]
+It is possible to use git with client certificates. This avoids
+needing to repeatedly type passwords when using git with the smart
+HTTP transport. First, you will need a git repository on scripts
+using the smart HTTP transport. Our autoinstaller (add scripts;
+scripts-git) will do this for you.
+
+### Extracting a certificate
+
+Next, you need to get a copy of your certificate. The easiest way
+to do this is probably to extract it from your browser.
+
+In Chromium, go to Preferences, search for âSSLâ, pick âManage
+Certificatesâ -\> âYour Certificatesâ, and then export your
+certificate. In Firefox, go to Preferences -\> Advanced -\>
+Encryption -\> View Certificates and then export your
+certificates.
+
+This will export your certificate as a PKCS\#12 file, which git
+doesnât know how to handle. To convert it to something git *does*
+know how to handle, run
+`openssl pkcs12 -in cert.p12 -out cert.pem -nodes` (leave off the
+-nodes if you want your certificate to be encrypted, but be aware
+that youâll need to type your password repeatedly in that case).
+
+### Telling git to use your cert
+
+To tell git about your certificate and the server, youâll want to
+run
+
+      git config http.sslCert ~/path/to/ssl/cert.pem
+      git remote set-url origin https://locker.scripts.mit.edu/repo/repo.git
+      git remote set-url --push origin https://locker.scripts.mit.edu:444/repo/repo.git
+
+In particular, note the :444 in the latter URL, which causes
+scripts.mit.edu to use certificates.
+
+### Configuring the server to accept client auth
+
+Youâll also need to make sure that the server accepts you when
+identified by cert. Replace the indented lines between â<Files
+\_git-auth.cgi\>â and â</Files\>â in the .htaccess with one of the
+snippets from the [certificate authorization FAQ](/faq/15/).
+
+
+
-- 
2.45.2

