How to use Git behind a Symantec Threatpulse MITM proxy/firewall
In some corporate environments, you might be behind a proxy, like Symantec Threatpulse, which intercepts would-be-secure traffic(!), re-signing it before delivery with a different CA. Of course this causes all kinds of problems with the “certificate chain”.
You might see an error like one of these:
fatal: unable to access ‘https://github.com/…’: Empty reply from server
fatal: …self-signed certificate in the certificate chain
fatal: …Recv failure: Connection was reset
The solution for me was to configure a global git proxy as described in this SO answer, getting git to work with a proxy server:
Configure a proxy at the command line like this:
git config --global http.proxy http://proxy.threatpulse.net:8080
And if you need to disable it again,
git config --global --unset http.proxy
If your proxy server requires username and password, add them into the URL like http://username:password@proxy.server.com:8080
If your username is an email address, you must URL encode the @ sign as %40