From 3578007c38a5d71c2de2cf1e31069a7013bc7d82 Mon Sep 17 00:00:00 2001
From: vincentkersten <vincentkersten@noreply.gitea.com>
Date: Wed, 8 Oct 2025 16:30:48 +0000
Subject: [PATCH] Update docs/administration/reverse-proxies.md (#280)

Using a full certificate chain will prevent errors from using git directly on the URL to be pulled/cloned.
 (Error: 'fatal: unable to access 'https://git.example.net/git/sarah/test.git': server certificate verification failed. CAfile: none CRLfile: none')

Reviewed-on: https://gitea.com/gitea/docs/pulls/280
Reviewed-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: vincentkersten <vincentkersten@noreply.gitea.com>
Co-committed-by: vincentkersten <vincentkersten@noreply.gitea.com>
---
 docs/administration/reverse-proxies.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/administration/reverse-proxies.md b/docs/administration/reverse-proxies.md
index b2e48b94..353c0056 100644
--- a/docs/administration/reverse-proxies.md
+++ b/docs/administration/reverse-proxies.md
@@ -14,6 +14,7 @@ aliases:
 2. Make the reverse-proxy pass `https://git.example.com/foo` to `http://gitea:3000/foo`.
 3. Make sure the reverse-proxy does not decode the URI. The request `https://git.example.com/a%2Fb` should be passed as `http://gitea:3000/a%2Fb`.
 4. Make sure `Host` and `X-Fowarded-Proto` headers are correctly passed to Gitea to make Gitea see the real URL being visited.
+5. Make sure your webserver has a certificate, including all intermediate and RootCA certificates, for `git clone` and `git pull` to work. 
 
 ### Use a sub-path