On Mon, Aug 13, 2012 at 9:28 AM, Philip Martin
<philip.martin_at_wandisco.com> wrote:
> Daniel Shahaf <d.s_at_daniel.shahaf.name> writes:
>
>> Johan Corveleyn wrote on Sat, Aug 11, 2012 at 22:11:22 +0200:
>>>
>>> Okay, I see there is an --ssl-cert option in svntest/main.py which
>>> does the necessary stuff. It's just not exposed through win-tests.py.
>>
>> Someone must have added it while I wasn't looking...
>
> Me. subversion/tests/cmdline/davautocheck.sh does the relevant magic to
> setup Apache if one uses:
>
> make davautocheck USE_SSL=1
Nice. I made a change (locally) to win-tests.py to also pass this
option, but it doesn't seem to work properly. I created a CA
certificate and signed a server cert with that. When I pass
--ssl-cert=server.crt, it fails with:
[[[
Error validating server certificate for 'https://localhost:443':
- The certificate is not issued by a trusted authority. Use the
fingerprint to validate the certificate manually!
Certificate information:
- Hostname: localhost
- Valid: from Aug 13 00:26:09 2012 GMT until Aug 7 00:26:09 2032 GMT
- Issuer: (null), Test, (null), Test, BE ((null))
- Fingerprint: C2:50:D1:2C:03:32:26:8B:04:97:16:4A:F0:BB:E5:27:1A:A8:46:40
(R)eject or accept (t)emporarily?
]]]
Even though the cert is correctly put into a file in
config\auth\svn.ssl.server. Is this normal? Is there something wrong
with the issuer? Or is the only way to accept my certificate to also
add "ssl-authority-files=/path/to/ca.crt" in the servers file from
within main.py?
See also dav-tests.log in attachment.
--
Johan
Received on 2012-08-13 14:38:43 CEST