you only need to install the new version of git or set a configuration setting to use tls1.2 to resolve this issue. If you are running windows this is probably the case. If you are running an older version of a UNIX operating system this may not be the case.
Building git requires curl and openssl, and if these are out of date it can cause this error as well. For example, you could download the latest version of curl and build that from source, and then build a new version of git from source as well but if this was all done on a system where your openssl is out of date and doesn't support tls1.2 properly; your newly build version of git and curl are not going to function.
Follow this steps
Use yum or yast to upgrade your openssl, curl and git packages should resolve this error. If you are just needing the setting to set git to use tls1.2 here it is:
git config --global --add http.sslVersion tlsv1.2 git config --global --add http.sslbackend openssl
Here are some examples of debugging the error.
The initial error message git clone https://github.com/some/repo.git Cloning into 'reponame'... fatal: unable to access 'https://github.com/some/repo.git': error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol versionSetting debug in the environment
The expanded error details with debug git clone https://github.com/some/repo.git Cloning into 'ngrep'... Couldn't find host github.com in the .netrc file; using defaults About to connect() to github.com port 443 (# 0) Trying 18.104.22.168... * Connected to github.com (22.214.171.124) port 443 (# 0) successfully set certificate verify locations: CAfile: none
CApath: /etc/ssl/certs/ error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version Expire cleared Closing connection # 0 fatal: unable to access 'https://github.com/some/repo.git': error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol versionChecking curl's functionality
curl https://github.com/some/repo.git curl: (35) error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version
curl --version curl 7.19.7 (x86_64-suse-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8j zlib/1.2.7 libidn/1.10 Protocols: tftp ftp telnet dict ldap ldaps http file https ftps Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz
Here you can see that curl is using an older version of openssl and git is reporting the exact same error because it's built the same out of date shared libraries from openssl. Now, assuming that you have already build the latest version of openssl you could just need to run the ldconfig to update your linker loader. Like so:
If this doesn't resolve the issue it could be that you still need to update openssl or you need to build and install the newer version and then try it again. If it's linked properly you'll see the version of openssl change to the new build in the curl version output.
curl -V curl 7.59.0 (x86_64-pc-linux-gnu) libcurl/7.59.0 OpenSSL/1.1.0g zlib/1.2.7 Release-Date: 2018-03-14 Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp Features: AsynchDNS Largefile NTLM NTLM_WB SSL libz TLS-SRP UnixSockets HTTPS-proxy
At this point you should be able to test curl against the git URL. As long as that is working and not returning any errors, your git should be working as well assuming you're on the latest version.