Our organisation distributes internal certificates by using a group policy on our domain controller. For our git installations, this means that we will need to use the 'Windows Secure Channel' library for HTTPS connections, rather than OpenSSL.
Attempting to connect to a remote Git repository using the VS2019 Enterprise bundled Git with schannel fails with the error:
schannel: next InitializeSecurityContext failed: Unknown error (0x80092013) - The revocation function was unable to check revocation because the revocation server was offline
This error appears both when I use the VS2019 UI to attempt to sync with the repo, and when I run it via command line. (The path to the executable I'm using is C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\Common7\IDE\CommonExtensions\Microsoft\TeamFoundation\Team Explorer\Git\cmd\git.exe
)
If I run the git executable bundled with VS2017 however, I can successfully sync with the repo (executable path: C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\Common7\IDE\CommonExtensions\Microsoft\TeamFoundation\Team Explorer\Git\cmd\git.exe
). HOWEVER, if I open VS2017 and attempt to use the UI I get the same schannel error as above!
Performing a standalone installation of git and setting it up with Windows Secure Channel successfully connects to the remote repository.
The VS2019 bundled git does not work whether using the IDE UI, or through the command line.
The VS2017 bundled git works in the command line, but not through the IDE UI.
My global .gitconfig looks like this:
[user]
name = xxx
email = xxx@xxx.com
[http]
sslBackend = schannel
The VS2019 .gitconfig looks like this:
[core]
symlinks = false
autocrlf = true
[color]
diff = auto
status = auto
branch = auto
interactive = true
[pack]
packSizeLimit = 2g
[help]
format = html
[diff "astextplain"]
textconv = astextplain
[rebase]
autosquash = true
[filter "lfs"]
clean = git-lfs clean -- %f
smudge = git-lfs smudge -- %f
process = git-lfs filter-process
required = true
[include]
; include Git for Windows' system config in order
; to inherit settings like `core.autocrlf`
path = C:/Program Files (x86)/Git/etc/gitconfig
path = C:/Program Files/Git/etc/gitconfig
The VS2017 .gitconfig looks like this (exactly the same as VS2019):
[core]
symlinks = false
autocrlf = true
[color]
diff = auto
status = auto
branch = auto
interactive = true
[pack]
packSizeLimit = 2g
[help]
format = html
[diff "astextplain"]
textconv = astextplain
[rebase]
autosquash = true
[filter "lfs"]
clean = git-lfs clean -- %f
smudge = git-lfs smudge -- %f
process = git-lfs filter-process
required = true
[include]
; include Git for Windows' system config in order
; to inherit settings like `core.autocrlf`
path = C:/Program Files (x86)/Git/etc/gitconfig
path = C:/Program Files/Git/etc/gitconfig
You may try the following steps:
Delete folder (you can back up this folder in case you need to restore it):
C:\Program Files (x86)\Microsoft Visual Studio\2019\xxx\Common7\IDE\CommonExtensions\Microsoft\TeamFoundation\Team Explorer\Git
Make sure that there is no version of Git installed on your system. Uninstall them in Control Panel / Uninstall a program
once you have Git .
Download the latest version of Git and install it.
Run this command in your Git shell to disable the revocation check:
$ git config --global http.schannelCheckRevoke false
Note:
From this link:
We do not recommend setting this config value for normal Git usage. This is intended to be an "escape hatch" for situations where the network administrator has restricted the normal usage of SChannel APIs on Windows that Git is trying to use.