I'm running into an issue that I can't seem to solve. I'm running a great
project management tool called redmine. Redmine can integrate with a remote
SVN repository, but it requires the svn client, and executes the command via
the linux shell. Now, our repository uses a self signed cert, so I always
receive the following message.
Error validating server certificate for 'https://source.foobar.com:443':
- The certificate is not issued by a trusted authority. Use the
fingerprint to validate the certificate manually!
- Hostname: source.foobar.com
- Valid: from May 7 16:10:31 2007 GMT until May 4 16:10:31 2017 GMT
- Issuer: IT, BNP Media, Troy, Michigan, US
- Fingerprint: 21:06:83:c6:51:88:64:89:a4:4e:d2:f7:5c:14:a5:45:ba:03:8f:12
(R)eject, accept (t)emporarily or accept (p)ermanently? svn: PROPFIND
request failed on '/source/insight/insight'
svn: PROPFIND of '/source/insight/insight': Server certificate verification
failed: issuer is not trusted (https://source.foobar.com)
Normally with a command line client, I simply permanently accept the cert.
However, my user 'apache' which calls the svn client, doesn't have a log in
shell for security reasons. What I have done is connect to the certificate
with my username, then recursively copy the .subversion/auth/svn.ssl.server/
to /var/www, which is the 'apache' user's home. This works, but it seems
like a potential security flaw, is there a cleaner way to fix this?
Received on 2008-02-06 22:46:36 CET