1. Deploying Siebel CRM Containers on Kubernetes using Siebel Cloud Manager
  2. Troubleshooting BYO Git Failure

Troubleshooting BYO Git Failure

When using BYO Git, the process_cg_artifacts stage fails during Helm URL validation with the following error:

SSL certificate problem: unable to get local issuer certificate

By default, Git verifies SSL certificates when connecting to remote repositories over HTTPS during operations like 'git clone' or 'git ls-remote'. An error may occur if Git fails to locate or access the necessary local CA certificates required for SSL validation.

This issue often arises when the default CA bundle is not configured properly, or Git cannot find the expected certificate path on the local machine. It can also occur if your CA certificate is not included in the bundle. In these scenarios, Git will throw an error with the message stating that it cannot verify the SSL certificate of the remote repository.

You must configure Git to use the local certificate authority file to resolve this error. To use the local certificate authority file, set the http.sslCAInfo configuration in Git to the correct CA certificate path by executing the following command from the SCM container or pod:

git config --global http.sslCAInfo=/etc/pki/tls/certs/ca-bundle.crt

In the above command:

  • http.sslCAInfo specifies the path to the file containing one or more trusted root certificates that Git uses to verify SSL connections.
  • /etc/pki/tls/certs/ca-bundle.crt is a common location for CA certificates on Linux-based systems. This path might vary depending on the operating system and environment.