[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Help with svn client run by apache, and self signed cert

From: Todd Nine <todd.nine_at_gmail.com>
Date: Wed, 6 Feb 2008 16:46:13 -0500

Hi all,
  I'm running into an issue that I can't seem to solve. I'm running a great
project management tool called redmine. Redmine can integrate with a remote
SVN repository, but it requires the svn client, and executes the command via
the linux shell. Now, our repository uses a self signed cert, so I always
receive the following message.

Error validating server certificate for 'https://source.foobar.com:443':
 - The certificate is not issued by a trusted authority. Use the
   fingerprint to validate the certificate manually!
Certificate information:
 - Hostname: source.foobar.com
 - Valid: from May 7 16:10:31 2007 GMT until May 4 16:10:31 2017 GMT
 - Issuer: IT, BNP Media, Troy, Michigan, US
 - Fingerprint: 21:06:83:c6:51:88:64:89:a4:4e:d2:f7:5c:14:a5:45:ba:03:8f:12
(R)eject, accept (t)emporarily or accept (p)ermanently? svn: PROPFIND
request failed on '/source/insight/insight'
svn: PROPFIND of '/source/insight/insight': Server certificate verification
failed: issuer is not trusted (https://source.foobar.com)

Normally with a command line client, I simply permanently accept the cert.
However, my user 'apache' which calls the svn client, doesn't have a log in
shell for security reasons. What I have done is connect to the certificate
with my username, then recursively copy the .subversion/auth/svn.ssl.server/
to /var/www, which is the 'apache' user's home. This works, but it seems
like a potential security flaw, is there a cleaner way to fix this?

Thanks,
Todd
Received on 2008-02-06 22:46:36 CET

This is an archived mail posted to the Subversion Users mailing list.