Self Signed SSL Certificate Use With Windows Serve

Published 2019-06-24 10:43

Question:

I'm attempting to communicate with my Bonobo Git repo hosted on a Windows 2012 server using Aptana Studio 3 on my Workstation. I have followed countless guides on creating self signed SSL certificates using OpenSSL, and still am not able to connect to the Git repo. Here are the steps I have followed:

  1. Create a self signed SSL certificate from within the Win2012 server
  2. Assign the cert to the https binding of the Bonobo Git Server
  3. Install that certificate on my workstation
  4. Put the cert into my \Aptana Studio 3 Workspace.metadata.plugins\com.aptana.portablegit.win32\ssl\certs folder
  5. Point Git to it using http.sslCAinfo

After that failed, I then attempted to follow this guide to create my own certificate authority, but wasn't able to find a way to allow the windows 2012 server to actually use any of the certs it generated with the Bonobo Git Server binding:

https://enterprise.github.com/help/articles/using-self-signed-ssl-certificates

I have a feeling that I am completely misunderstanding self signed SSL certificates, and how they should be setup on my server and on the workstations accessing them. No matter what I do, I always end up with the following error when attempting to execute push from Git:

error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed while accessing https:xxx.xxx.xxx.xxx:xxxx

I would really love to know exactly how I can create a self signed SSL certificate, install it on the windows 2012 server, set it to be used with the Bonobo Git Server binding, and successfully connect to the git repo from my Workstation.

Answer 1:

Figured it out eventually.

As well as the advice you followed, you also need to create a PFX that you can then import into IIS Manager (at the root level of your server). Instructions here.

To sum it up

  1. Create your CA cert.
  2. Create the service cert. Note: make sure the common name reflects the domain name of your BonoboGit site.
  3. Generate the pfx. (from the link I supplied, don't worry about the -certfile parameter)
  4. Copy this pfx to your server
  5. Through IIS Manager, Server Certificates, Import the PFX, making sure to supply the password you gave when generating the cert.
  6. For your site, change the binding for 443 to use the imported pfx (you should see it in the list)

Job done.

EDIT: Oops, almost forgot. You then need to tell Git to use your certificate.

git config --local http.sslCAInfo /path/to/your/cert/rootCA.crt

If you haven't already got a repository set up, you'll need to do so first.

cd mygitrepo
git init
git config --local http.sslCAInfo /path/to/your/cert/rootCA.crt
git remote add origin https://git.yourserver.com
git pull origin master

Should do it.
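
Steps 1 to 3 of the answer, plus a chain check against the same rootCA.crt that http.sslCAInfo points to, as an added example that is not part of the original answer. The function name, the file names other than rootCA.crt, the CA subject, the validity periods and the subjectAltName extension are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: private root CA -> server certificate -> PFX for IIS import.
# Usage (hypothetical values): make_git_server_pfx git.yourserver.com ./certs 'pfx-password'
make_git_server_pfx() (
  host="$1"; out="$2"
  export PFX_PASS="$3"          # passed via env so it does not appear in the process list
  mkdir -p "$out" && cd "$out" || exit 1

  # 1. Root CA: private key plus self-signed certificate.
  #    rootCA.crt is what clients trust; rootCA.key never needs to be on the server.
  openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 3650 \
    -keyout rootCA.key -out rootCA.crt \
    -subj "/CN=Example Private Root CA" || exit 1

  # 2. Server key and signing request. The common name must be the host name
  #    clients put in the https:// URL of the Bonobo site.
  openssl req -newkey rsa:2048 -nodes -sha256 \
    -keyout server.key -out server.csr -subj "/CN=$host" || exit 1

  # Current TLS clients match the host name against subjectAltName, so the
  #    same name is repeated there; the certificate is marked as a non-CA
  #    server certificate.
  printf '%s\n' "subjectAltName=DNS:$host" \
    "basicConstraints=CA:FALSE" \
    "extendedKeyUsage=serverAuth" > server.ext

  # Sign the request with the root CA.
  openssl x509 -req -in server.csr -CA rootCA.crt -CAkey rootCA.key \
    -CAcreateserial -sha256 -days 825 -extfile server.ext \
    -out server.crt || exit 1

  # 3. Bundle server key and certificate into the PFX that IIS Manager imports.
  openssl pkcs12 -export -inkey server.key -in server.crt \
    -out server.pfx -passout env:PFX_PASS || exit 1

  # Check the chain with the file Git will be given in http.sslCAInfo.
  # A failure here is the same "certificate verify failed" Git would report.
  openssl verify -CAfile rootCA.crt server.crt
)
```

Only server.pfx goes to the Windows server and only rootCA.crt goes to the workstations.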