On Tue, Feb 06, 2007 at 02:35:53PM -0800, Daniel Rall wrote:
> On Sun, 04 Feb 2007, Avalon wrote:
>
> > Hello,
> >
> > the described problem has already been discussed - with no solution - in
> > the thread
> > http://subversion.tigris.org/servlets/ReadMsg?list=dev&msgNo=105743 and
> > a related issue http://subversion.tigris.org/issues/show_bug.cgi?id=2597
> >
> > When using subversion from a script with --non-interactive and a
> > ssl-server with a self-signed certificate the certificate verification
> > fails because the issuer is not trusted.
> >
> > The described workarounds to:
> > - interactively accept the certificate once permanently
> > - add the certificate to the "accepted" list
> > are unfortunately not feasible in some scenarios.
> >
> > Is their any way to get an additional argument like
> > "--trust-server-cert" or do the developers think relaxing the security
> > in that way is a no-go?
>
> I am very much in favor of some support for untrusted certificates.
>
> I currently use a patched version of Subversion in my company's
> product to work around this limitation. I do not find having to patch
> Subversion to be an acceptable work-around for this (valid) use case.
>
Sorry to come so late to the thread, but can you give an example scenario
in which is it not feasible to accept the certificate once?
--ben
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Feb 27 19:42:45 2007