August 28, 2011
Mercurial: warning: bitbucket.org certificate with fingerprint XXXXXXXXX not verified (check hostfingerprints or web.cacerts config setting)

We use Mercurial as our day-to-day DVCS. It is very handy and easy to use. When I updated my Mercurial installation to version 1.7.5, I started to notice this warning message:

warning: bitbucket.org certificate with fingerprint 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe not verified (check hostfingerprints or web.cacerts config setting)

Then I googled it and found this link on the Mercurial web site. Using certificates as explained there didn't work for me, but what did work was using the server's fingerprint, which is printed in the warning message. Here are the steps to verify it:

1- Click on the left side of the URL bar:

2- This displays a pop-up window; click its "More Information…" button.

3- Another window opens; click the "View Certificate" button:

4- Now check the SHA1 Fingerprint value at the bottom of the Certificate Viewer window. It should be identical to the fingerprint displayed in the Mercurial warning message; in my case it was 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe.

Now that we have verified the fingerprint, and as explained in the link mentioned above, you need to do the following:

Edit either ~/.hgrc or <MERCURIAL_REPO_DIR>/.hg/hgrc and add the following section to it:

[hostfingerprints]
bitbucket.org = 81:2b:08:90:dc:d3:71:ee:e0:7c:b4:75:ce:9b:6c:48:94:56:a1:fe

Now everything should be OK and the warning message should disappear.
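The same comparison can be scripted. The sketch below is an added example, not code from Mercurial or from the original post: it computes the SHA-1 fingerprint of a DER-encoded certificate and checks it against the [hostfingerprints] entry in an hgrc. The host name, certificate bytes and hgrc text are constructed sample data, and all function names are assumptions made for this example.

```python
import configparser
import hashlib
import hmac
import ssl


def sha1_fingerprint(der_cert: bytes) -> str:
    """SHA-1 over the DER-encoded certificate, colon-separated as hg prints it."""
    digest = hashlib.sha1(der_cert).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize(fp: str) -> str:
    """Drop colons and whitespace and lowercase, so formatting does not matter."""
    return "".join(fp.split()).replace(":", "").lower()


def pinned_fingerprint(hgrc_text: str, host: str):
    """Return the [hostfingerprints] entry for host, or None if it is not pinned."""
    cfg = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cfg.read_string(hgrc_text)
    return cfg.get("hostfingerprints", host, fallback=None)


def check_pin(hgrc_text: str, host: str, der_cert: bytes) -> str:
    """Return 'match', 'mismatch' or 'unpinned' for the certificate host presented."""
    pinned = pinned_fingerprint(hgrc_text, host)
    if pinned is None:
        return "unpinned"
    actual = normalize(sha1_fingerprint(der_cert))
    return "match" if hmac.compare_digest(normalize(pinned), actual) else "mismatch"


def fetch_der(host: str, port: int = 443) -> bytes:
    """Fetch the live certificate (needs network; not used by the sample below)."""
    return ssl.PEM_cert_to_DER_cert(ssl.get_server_certificate((host, port)))


# Constructed sample data: placeholder bytes, not a real certificate.
SAMPLE_HOST = "hg.example.test"
SAMPLE_CERT = b"constructed stand-in for DER certificate bytes"
ROTATED_CERT = b"constructed stand-in for a replaced certificate"
SAMPLE_HGRC = "[hostfingerprints]\n%s = %s\n" % (
    SAMPLE_HOST, sha1_fingerprint(SAMPLE_CERT).upper())

if __name__ == "__main__":
    for cert in (SAMPLE_CERT, ROTATED_CERT):
        print(check_pin(SAMPLE_HGRC, SAMPLE_HOST, cert))
```

A "mismatch" means the server is presenting a different certificate than the one pinned, which happens on every certificate renewal, so the new fingerprint has to be verified again before the hgrc entry is updated.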

NOTE:
1- I used Firefox but the same steps should apply for Google Chrome.
2- I used Bitbucket.org as an example but these steps should apply for other sites.
