On Fri, Nov 06, 2009 at 10:33:26AM +0100, Erik Wasser wrote:
> Running the same command at home brings me to this:
>
> % svn ls https://dev.int.example.net/
> Error validating server certificate for 'https://dev.int.example.net:443':
> - The certificate hostname does not match.
> - The certificate has expired.
> - The certificate has an unknown error.
> Certificate information:
> - Hostname: *.example.net
> - Valid: from Mon, 11 Jun 2007 00:00:00 GMT until Wed, 15 Sep 2010 23:59:59
> GMT
> - Issuer: Comodo CA Limited, Salford, Greater Manchester, GB
> - Fingerprint: d2:d6:76:ee:7c:b1:87:ce:28:6a:0e:eb:c5:03:87:30:cf:1d:a7:b9
> (R)eject or accept (t)emporarily?
Is this issue still reproducible with neon 0.29? The most obvious cause
would be the system clock being wrong on this host.
The second error "The certificate has an unknown error." is caused by
SVN not handling some new cert verification failure modes in neon 0.29
(NE_SSL_BADCHAIN, NE_SSL_REVOKED) - it would be helpful if you could
file a bug on that against the "libsvn_ra_neon" component so this isn't
forgotten.
It is likely that the error being hit there is also an expired cert
within the chain, and again, this could be caused by clock skew.
Regards, Joe
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2427025
Please start new threads on the <users_at_subversion.apache.org> mailing list.
To subscribe to the new list, send an empty e-mail to <users-subscribe_at_subversion.apache.org>.
Received on 2009-12-04 14:55:38 CET