Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

"2FA error: Communication error: SSL-Client SSL-Client (Anonym)" occures at git-commit #1491

Closed
ffischer1984 opened this issue Jun 11, 2018 · 13 comments

Comments

@ffischer1984
Copy link

commented Jun 11, 2018

Hi
i get this error: "2FA error: Communication error: SSL-Client SSL-Client (Anonym)" by creating a git-commit. Abap-git asks me about username/password so I'm a little bit astonished that I get an SSL-Error.
My password is 99% correct because i use a password-manager so what I'm doing wrong?

Any ideas what i'm doing wrong will be appreciated.
Thanks for the help.

@larshp

This comment has been minimized.

Copy link
Owner

commented Jun 11, 2018

try running the program described in: https://docs.abapgit.org/other-test-ssl.html and paste output here

you might need to import additional certificates for https://api.github.com

@larshp larshp added the question label Jun 11, 2018

@ffischer1984

This comment has been minimized.

Copy link
Author

commented Jun 11, 2018

Cloning a repo is sucessfully I just can't commit something (I created my own repo with an readme.md file)
Here is the result from ssl test for git

"11.06.2018 ssl test für git 1


https://github.com : ok


Error Number 1

ICM_HTTP_SSL_PEER_CERT_UNTRUSTED
Also check transaction SMICM -> Goto -> Trace File -> Display End"

this "SMICM -> Goto -> Trace File -> Display End" leads to SMICM -> Goto -> Trace File -> Display End" leads to "[Thr 140502990296928] *** ERROR => NiIBindSocket: could not delete file '/tmp/.sapstream64998' (hdl 1; errno=0) [nixxi.cpp 3870]"-Message

Seems like the signing-process wasn't successful:

[Thr 140502235629312] Peer not trusted
[Thr 140502235629312] Certificate:
[Thr 140502235629312] Certificate:
[Thr 140502235629312] Subject: CN=*.github.com, O="GitHub, Inc.", L=San Francisco, SP=California, C=U
[Thr 140502235629312] Issuer: CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=Digi
[Thr 140502235629312] Serial Number: 0D:9D:DD:E7:CF:AC:61:9A:C3:86:6F:AE:35:45:8A:94
[Thr 140502235629312] Verification result:
[Thr 140502235629312] Status: Not successful
[Thr 140502235629312] SignerStatus: Not successful
[Thr 140502235629312] SignerVerificationResult:
[Thr 140502235629312] Status: Not successful
[Thr 140502235629312] Validity: Successful
[Thr 140502235629312] BasicConstraints: Successful
[Thr 140502235629312] KeyUsage: Successful
[Thr 140502235629312] ObjectStatus: Not successful
[Thr 140502235629312] SignerCert:
[Thr 140502235629312] Certificate:
[Thr 140502235629312] Subject: CN=DigiCert SHA2 High Assurance Server CA, OU=www.digicert.com, O=D
[Thr 140502235629312] Issuer: CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiC
[Thr 140502235629312] Serial Number: 04:E1:E7:A4:DC:5C:F2:F3:6D:C0:2B:42:B8:5D:15:9F
[Thr 140502235629312] Verification result:
[Thr 140502235629312] Status: Not successful
[Thr 140502235629312] SignerStatus: Not successful
[Thr 140502235629312] SignerVerificationResult: None
[Thr 140502235629312] << ---------- End of Secu-SSL Errorstack ----------

Do I need an owner certificate I just ask because i don't have one and i've inserted the github-certificates, too.
Here is a screenshot of my strust-screen: https://www.dropbox.com/s/e6e055b5xp0x5mt/strust1.PNG?dl=0

@ffischer1984

This comment has been minimized.

Copy link
Author

commented Jun 11, 2018

the api.github.com certificate solved the problem

@hardyp

This comment has been minimized.

Copy link

commented Jun 11, 2018

I have the same issue. What does your STRUST screen look like after you added the api.github.com certificate?

@ffischer1984

This comment has been minimized.

Copy link
Author

commented Jun 12, 2018

i've three certificates:

  • digicert / github
  • github.com
  • api.github.com

https://www.dropbox.com/s/oder81vnwhfw7sz/strust2.PNG?dl=0

@hardyp

This comment has been minimized.

Copy link

commented Jun 13, 2018

Thanks for that. I have all three as well but the SSL test program still faisl. Therefore the problem is on my side, and I will keep pressing my BASIS people.

@ffischer1984

This comment has been minimized.

Copy link
Author

commented Jun 13, 2018

@hardyp

This comment has been minimized.

Copy link

commented Jun 13, 2018

Yes that works fine. On the SSL test program the first URL works OK i.e. I can "pull" from GitHub to SAP.
I just get the error on the SSL test program when trying to connect to |api.github/.com| which you need to do to do a "commit" when it checks the 2FA.
I think the problem is something to do with a proxy setting on my side.

@ffischer1984

This comment has been minimized.

Copy link
Author

commented Jun 13, 2018

@hardyp

This comment has been minimized.

Copy link

commented Jun 13, 2018

Oh yes, they were set a few weeks back. Before they were set I could not pull anything from GitHub and the SSL program failed on both URLs.

On the error message it says
Certificate : api.github.com etc etc
Issuer : some sort of proxy from my company

Hence I suspect the problem is with the latter. It is possible the SAP system does not trust one of our own proxies, If so maybe I need to get the certificate from the proxy and install that into STRUST as well.

@hf-kklein

This comment has been minimized.

Copy link
Contributor

commented Aug 21, 2019

Checking out public repositories from GitHub worked just fine but when I tried to clone a private repository I got the error message:

2FA error: Communication error: SSL-Client SSL-Client (Anonym)

after entering the Github credentials.

Installing the certificates for api.github.com as described above solved it.

you might need to import additional certificates for https://api.github.com

@flaiker

This comment has been minimized.

Copy link
Collaborator

commented Aug 26, 2019

egin : Sun Jul 7 19:00:00 2019 (190708000000Z)
nd : Thu Jul 16 07:00:00 2020 (200716120000Z)
urrent : Fri Apr 26 10:56:33 2019 (20190426155633Z)

@salamancacm77 Are you from the past?

@flaiker

This comment has been minimized.

Copy link
Collaborator

commented Aug 26, 2019

@flaiker I don't understand

You seem to have forgotten to adjust your watch after travelling 4 months into the future.

Peer certificate not yet valid:
Validity not before: Sun Jul 7 19:00:00 2019 (190708000000Z)
Validity not after: Thu Jul 16 07:00:00 2020 (200716120000Z)
Begin : Sun Jul 7 19:00:00 2019 (190708000000Z)
End : Thu Jul 16 07:00:00 2020 (200716120000Z)
Current : Fri Apr 26 10:56:33 2019 (20190426155633Z)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.