Re: Can't make svn accept the collab.net certificate

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2003-07-17 16:08:11 CEST

LÃ¼bbe Onken <L.Onken@rac.de> writes:

> Hi folks,
>
> I'm in trouble making svn 0.25 (same problem on windows and linux) accept
> the collab.net certificate. I can't get rid of the "Error validating server
> certificate..." message. The only way to achieve this is to uncomment
> #ssl-ignore-unknown-ca = true, but that's not really what I want.

That's because AFAICT, the server certificate posted on the front page
of svn.collab.net is useless to us. There is currently no way to tell
the Subversion client, "hey, please always trust this specific set of
server certificates." Instead, we only have the ability to say
"please always trust this specific set of *certifying authorities*".

But the svn.collab.net certificate is self-signed. So really, we
ought to be posting our phony collabnet "CA" public key instead.

Yes, we'll be adding the missing feature eventally. Our certificate
support will get a revamp once we start using neon 0.24.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Jul 17 16:10:32 2003

This message: [ Message body ]
Next message: Ben Collins-Sussman: "Re: HELP!! - Berkeley DB error"
Previous message: Ben Collins-Sussman: "Re: Issue: Extra log CRs under Windows"
In reply to: Lübbe Onken: "Can't make svn accept the collab.net certificate"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]