Fail to clone over https without username in URL

ENVIRONMENT:
Server: Cent 7.4.1708, gitlab-ce-10.6.4-ce.0.el7, git-1.8.3.1-12.el7_4
Server gitlab.rb

external_url 'https://gitlab.mycompany.net'
gitlab_rails['ldap_enabled'] = true
gitlab_rails['ldap_host'] = 'dc1.mycompany.net'
gitlab_rails['ldap_port'] = '636'
gitlab_rails['ldap_uid'] = 'sAMAccountName'
gitlab_rails['ldap_method'] = 'ssl'
gitlab_rails['ldap_bind_dn'] = 'CN=ldapuser,OU=TopO,DC=MyCompany,DC=net'
gitlab_rails['ldap_password'] = 'secret'
gitlab_rails['ldap_allow_username_or_email_login'] = 'true'
gitlab_rails['ldap_base'] = 'DC=MyCompany,DC=net'
gitlab_rails['ldap_active_directory'] = 'true'

unicorn['worker_timeout'] = 120
unicorn['worker_processes'] = 5
nginx['enable'] = true
nginx['redirect_http_to_https'] = true
nginx['redirect_http_to_https_port'] = 80
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.cer"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.key"
nginx['ssl_protocols'] = "TLSv1.1 TLSv1.2"
letsencrypt['contact_emails'] = ['myemail@MyCompany.com'] # Optional
letsencrypt['enable'] = false

Client: Oracle Enterprise Linux 6.9

- nss-3.28.4-4.0.1.el6_9.x86_64
- libcurl-7.19.7-53.el6_9.x86_64
- curl-7.19.7-53.el6_9.x86_64
- ca-certificates-2017.2.14-65.0.1.el6_9.noarch
- git-1.7.1-9.el6_9.x86_64

Client gitconfig:

[user]
    email = myuser@mycompany.com
    name = myuser

Client2 RHEL 6.9

nss-3.28.4-4.0.1.el6_9.x86_64
libcurl-7.19.7-53.el6_9.x86_64
ca-certificates-2017.2.14-65.0.1.el6_9.noarch
git-1.7.1-9.el6_9.x86_64
curl-7.19.7-53.el6_9.x86_64

No http proxy in the environment.

This DOES work fine on CentOS 7 and RHEL 7, so I suspect it is a bug in the code (hence the reason for providing client package information).

To get it to play nice I update nss, libcurl, and ca-certificates to the latest packages available. What you see above is what I have available in the normal repos.

The following fails on both (6.5-6.9) 6.9 clients:

git clone http://gitlab.mycmopany.net/linux/scripts.git
Initialized empty Git repository in /root/test/scripts/.git/
error: The requested URL returned error: 401 Unauthorized while accessing http://gitlab.mycompany.net/linux/scripts.git/info/refs

fatal: HTTP request failed

The following does work:

git clone http://myuser@mycompany.mycompany.net/linux/scripts.git
Initialized empty Git repository in /root/test/scripts/.git/
Password:
remote: Counting objects: 33, done.
remote: Compressing objects: 100% (29/29), done.
remote: Total 33 (delta 2), reused 0 (delta 0)
Unpacking objects: 100% (33/33), done.

I have been working on this for hours. I don’t want to fall back to ssh or http. I would just like to get this working. I must be running into a bug or configuration. I am hoping this is a known issue and there are known fixes/workarounds for it.

Hi,
I’m not sure if it will be the same case that happened to me, but can you try this for a workaround?

git config --global credential.helper store

1 Like

I wasn’t aware of that command. I like it.

However, I am mostly trying to resolve the issue so that coworkers using https to clone wont run into the same issues that I did should they forget to first add username@ to the URL. I can remember it myself, but I want to make it easier for them. I am afraid some wont use it should they have this problem

1 Like

Hi, Did you figure this out ?

thanks.