Fail to clone over https without username in URL

Server: Cent 7.4.1708, gitlab-ce-10.6.4-ce.0.el7, git-
Server gitlab.rb

external_url ''
gitlab_rails['ldap_enabled'] = true
gitlab_rails['ldap_host'] = ''
gitlab_rails['ldap_port'] = '636'
gitlab_rails['ldap_uid'] = 'sAMAccountName'
gitlab_rails['ldap_method'] = 'ssl'
gitlab_rails['ldap_bind_dn'] = 'CN=ldapuser,OU=TopO,DC=MyCompany,DC=net'
gitlab_rails['ldap_password'] = 'secret'
gitlab_rails['ldap_allow_username_or_email_login'] = 'true'
gitlab_rails['ldap_base'] = 'DC=MyCompany,DC=net'
gitlab_rails['ldap_active_directory'] = 'true'

unicorn['worker_timeout'] = 120
unicorn['worker_processes'] = 5
nginx['enable'] = true
nginx['redirect_http_to_https'] = true
nginx['redirect_http_to_https_port'] = 80
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.cer"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.key"
nginx['ssl_protocols'] = "TLSv1.1 TLSv1.2"
letsencrypt['contact_emails'] = [''] # Optional
letsencrypt['enable'] = false

Client: Oracle Enterprise Linux 6.9

- nss-3.28.4-4.0.1.el6_9.x86_64
- libcurl-7.19.7-53.el6_9.x86_64
- curl-7.19.7-53.el6_9.x86_64
- ca-certificates-2017.2.14-65.0.1.el6_9.noarch
- git-1.7.1-9.el6_9.x86_64

Client gitconfig:

    email =
    name = myuser

Client2 RHEL 6.9


No http proxy in the environment.

This DOES work fine on CentOS 7 and RHEL 7, so I suspect it is a bug in the code (hence the reason for providing client package information).

To get it to play nice I update nss, libcurl, and ca-certificates to the latest packages available. What you see above is what I have available in the normal repos.

The following fails on both (6.5-6.9) 6.9 clients:

git clone
Initialized empty Git repository in /root/test/scripts/.git/
error: The requested URL returned error: 401 Unauthorized while accessing

fatal: HTTP request failed

The following does work:

git clone
Initialized empty Git repository in /root/test/scripts/.git/
remote: Counting objects: 33, done.
remote: Compressing objects: 100% (29/29), done.
remote: Total 33 (delta 2), reused 0 (delta 0)
Unpacking objects: 100% (33/33), done.

I have been working on this for hours. I don’t want to fall back to ssh or http. I would just like to get this working. I must be running into a bug or configuration. I am hoping this is a known issue and there are known fixes/workarounds for it.

I’m not sure if it will be the same case that happened to me, but can you try this for a workaround?

git config --global credential.helper store

1 Like

I wasn’t aware of that command. I like it.

However, I am mostly trying to resolve the issue so that coworkers using https to clone wont run into the same issues that I did should they forget to first add username@ to the URL. I can remember it myself, but I want to make it easier for them. I am afraid some wont use it should they have this problem

1 Like

Hi, Did you figure this out ?