On Sun, 04 Feb 2007, Avalon wrote:
> Hello,
>
> the described problem has already been discussed - with no solution - in
> the thread
> http://subversion.tigris.org/servlets/ReadMsg?list=dev&msgNo=105743 and
> a related issue http://subversion.tigris.org/issues/show_bug.cgi?id=2597
>
> When using subversion from a script with --non-interactive and a
> ssl-server with a self-signed certificate the certificate verification
> fails because the issuer is not trusted.
>
> The described workarounds to:
> - interactively accept the certificate once permanently
> - add the certificate to the "accepted" list
> are unfortunately not feasible in some scenarios.
>
> Is their any way to get an additional argument like
> "--trust-server-cert" or do the developers think relaxing the security
> in that way is a no-go?
I am very much in favor of some support for untrusted certificates.
I currently use a patched version of Subversion in my company's
product to work around this limitation. I do not find having to patch
Subversion to be an acceptable work-around for this (valid) use case.
- Dan
- application/pgp-signature attachment: stored
Received on Tue Feb 6 23:36:03 2007