[TSVN] Re: SSL Certificate issuer not recognized.

Stratis Karamanlakis wrote:
>
> When TortoiseSVN tries to access my server, I get the warning:
>
> Error validating server certificate for https://secure.odesk.com:443
> Unknown certificate issuer:
>
[...]
> Can you please provide any feedback on where the error lies ?
> + Are there any known issues with wildcard certificate chains and
> TortoiseSVN?
> + Is the Root CA above 'unknown' to TortoiseSVN or OpenSSL or
> whatever...
> In that case is it likely that it could be added sometime soon ?

When connecting to a https URL TortoiseSVN uses the subversion library
which uses neon to connect to the URL. The ssl-work in neon (like
certificate validation) is handled by the ssl-libraries "libeay32.dll"
and "ssleay32.dll" (Included in tsvn msi installation.)

So:

Isn't it possible to "accept permanently" once for every user
(because of an error) or do you just want this question to
never appear after tsvn installation?

In the first case you should ask your question on openssl
mailing lists.

In the second case you could give the following a try:
(never tried this setup exactly under Windows, so don't except too much.)

The included precompiled libraries probably search the "cert bundle"
under %HOMEPATH%\usr\local\ssl\cert.pem (found with FileMon)
or %SSL_CERT_FILE% if set.

You should export the root certificates which you want tsvn
o trust and give the ssl routines used in tsvn the information
where to look. (system environment variable)

For infos about root certificates and openssl see
    http://lynx.isc.org/current/README.rootcerts

-- 
markus.schuh@sdm.de
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tortoisesvn.tigris.org
For additional commands, e-mail: dev-help@tortoisesvn.tigris.org