failed, reason: self signed certificate in certificate chain | git Clone

[Mayankm13]

Hello team 👋

We have a report of actions checkout@v3 failing in an actions-enabled beta on GHES 2.22 with the following message:

failed, reason: self-signed certificate in the certificate chain

This is running a simple workflow that only clone my private repository with a token

docker-Build:
runs-on: [ 'self-hosted' ]
container:
image: centos:centos7.9.2009

FYI I try git config --global http.sslVerify false but still failing

Thanks!

[djdefi]

The self-signed certificate in the certificate chain message means the GitHub Enterprise Server appliance is using the default self signed certificate which is not trusted by the runner's CA store, or the certificate chain may include a Root CA incorrectly. The "Certificate validity errors" section of our GitHub Enterprise Server Documentation may be helpful.

Additionally, but not directly related to the error: The 2.22 version of GitHub Enterprise Server was discontinued on 2021-09-23. For continued support for Actions on GHES, better performance, improved security, and new features, you should upgrade to the latest version of GitHub Enterprise.

[kdipippo]

Adding another comment here that the likely reason why git config --global http.sslVerify false doesn't work is because that would affect git-related commands like clone. actions/checkout@v3 uses the GitHub API for performing its actions, so the error message is actually produced as an API error and not as a git error.