Re: Self-Signed Cert and Repository problem

On Mon, Aug 11, 2003 at 11:20:06AM -0400, Andrew wrote:
| I have two issues at the moment.
|
| 1st issue: Has to do with self-signed certificates. Is there a way to
| inform the svn client that this is a known good Cert.
|
| Error validating server certificate: Unknown certificate issuer. Accept?
| (y/N): y

In the case of self-signed certificate, the subject and the issuer are
the same entity, and hence the same certificate can be used as both the
SSL server certificate and the CA certificate.

You can easily check this by comparing the subject key identifier and the
authority key identifier in a certificate:

openssl x509 -in certificate.pem -text

should give you the information you need to see. In a self-signed certificate,
both will be of the same value.

To fix this error message, you have to register the CA certificate with
the Subversion client (the server certificate itself in case of a
self-signed certificate). You can do that by editing ~/.subversion/servers
and using the ssl-authorities-file directive there.

| 2nd issue: I have a number of repositories and one is named kaleo. While
| access to all of the others work fine which means my configuration of Apache
| is working this one reports the following error.
|
| svn: RA layer request failed
| svn: PROPFIND request failed on '/kaleo'
| svn: PROPFIND of '/kaleo': 301 Moved Permanently (https://svn.xxxxx.yyy)

It looks like your Subversion DAV server is configured to redirect
requests from the URI you have used to some other location. Check the
configuration of the server.

Mukund

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Aug 11 23:29:26 2003