[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Can't make svn accept the collab.net certificate

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2003-07-17 16:08:11 CEST

Lübbe Onken <L.Onken@rac.de> writes:

> Hi folks,
> I'm in trouble making svn 0.25 (same problem on windows and linux) accept
> the collab.net certificate. I can't get rid of the "Error validating server
> certificate..." message. The only way to achieve this is to uncomment
> #ssl-ignore-unknown-ca = true, but that's not really what I want.

That's because AFAICT, the server certificate posted on the front page
of svn.collab.net is useless to us. There is currently no way to tell
the Subversion client, "hey, please always trust this specific set of
server certificates." Instead, we only have the ability to say
"please always trust this specific set of *certifying authorities*".

But the svn.collab.net certificate is self-signed. So really, we
ought to be posting our phony collabnet "CA" public key instead.

Yes, we'll be adding the missing feature eventally. Our certificate
support will get a revamp once we start using neon 0.24.

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Jul 17 16:10:32 2003

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.