[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Hard time to verify ssl server certificate.

From: Ben Collins-Sussman <sussman_at_collab.net>
Date: 2005-02-23 18:38:59 CET

On Feb 23, 2005, at 11:27 AM, Ben Collins-Sussman wrote:
>> $ grep ~/.subversion/auth/svn.ssl.server/07* | \
>> perl -ne 'print "-----BEGIN CERTIFICATE-----\n";
>> $x=64;
>> while ($x<length $_) {
>> substr($_,$x, 0, "\n");
>> $x+=65;
>> }
>> print "$_-----END CERTIFICATE-----\n";' | \
>> openssl x509 -inform PEM -fingerprint | \
>> grep Fingerprint
>> to verify the certificate. IMHO, verifying a certificate should not
>> be _that_ hard ;-)

To be fair, the svn client has a single generalized system for caching
authentication information. It's basically just a hashtable saved to
disk. So in this particular case, your "exported" cert is just one of
several pieces of information in the cachefile. The cache was never
designed to be "easily verified" by openssl tools... I'm not sure why
you're trying in the first place?

To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Feb 23 18:41:31 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.