TLS issues with Emacs and Git for Windows

I’ve recently blogged about adding TLS support to Emacs 24.5 on Windows and improving git performance on Windows by installing an alternative git command line client. The reason I ended up investigating how to add SSL and TLS support to Emacs is that when I originally upgraded from the official git Windows client to the Git for Windows build, I ended up with non-working TLS support in Emacs.

The TLS issues only occur if you tell the git installer to add git and all supporting Unix utilities to the path, which is not the default setting for a git installation on Windows.

However if you do install git with this setting, Emacs ends up finding the openssl libraries on the path. This works fine with the older versions packaged with the installer from git-scm.com but results in TLS issues with SSL/TLS connections failing with the newer binaries shipped with Git for Windows. I didn’t dig deeper into why I was seeing the issue as I was in a hurry to get Emacs working again, so I looked for the quickest way to resolve it.

tl;dr – if you’re running into TLS issues with Emacs on Windows and just installed Git for Windows, follow the instructions in Adding TLS Support to Emacs 24.5 on Windows to get SSL/TLS connection from inside Emacs working again.

Adding TLS support to Emacs 24.5 on Windows

The Windows build of Emacs 24.5 doesn’t ship with SSL and TLS support out of the box. Normally that’s not that much of a problem until you are trying to access marmalade-repo or have org2blog talk to your own blog via SSL/TLS.

Adding SSL and TLS support to the Windows builds of Emacs is easy. SSL/TLS support in the official Emacs build for Windows isn’t enabled because it doesn’t ship with the necessary support libraries, but you can get pre-built binaries from the ezwinports project on Sourceforge. Installation is simple – grab the desired binaries (I used gnutls, but there’s also an older openssl build available) and extract them into the root directory of your Emacs install. The directory layout is the same and mimics the standard Unix directory layout so everything ends up in the correct place.

After the next restart of Emacs, a quick

M-: (gnutls-available-p)

should result in ‘t’, showing you that Emacs has found the gnutls binaries. All of a sudden, org2blog can talk to my blog again and I’m finally set up the same way I am on the other OSs I use.

ezwinports has a whole bunch of other useful libraries available as well, like libpng, so check it out.

One caveat – the ezwinports libraries are 32 bit libraries so they work fine with the official 32 bit build of Emacs for Windows, but you need to look into alternatives if you use a 64 bit build.