
Re: svn on OSX 10.7.3 can't find CA certificates

From: Zachary Burnham <zburnham_at_efi.org>
Date: Mon, 12 Mar 2012 09:00:00 -0400

I'd have thought that providing relevant information would have been helpful.

Nevertheless, I'm still having trouble with this. I've exported the relevant CA certificate and edited ~/.subversion/servers to look for it. I know that it's finding it, because when I deliberately misspell the file name, it gives me a different error (svn: Invalid config: unable to load certificate file '/<home>/.subversion/geotruste.pem') than I have been seeing previously (SSL certificate checks failed: Server certificate verification failed: issuer is not trusted). Is there something else I can try?

Z

On Mar 9, 2012, at 5:53 PM, Daniel Shahaf wrote:

Zachary,

Saw your other emails. If you'd like help from this mailing list it's
best to ask us a self-contained question. Forwarding random threads and
raw transcripts to this list will get you nowhere.

Daniel

Greg Stein wrote on Thu, Mar 08, 2012 at 20:26:26 +0000:
On Thu, Mar 08, 2012 at 02:56:10PM -0500, Zachary Burnham wrote:
Hi. I'm having some trouble with command-line svn on OSX 10.7.3. The problem appears to be that subversion can't find the CA certificates that are installed on my system (visible in Keychain Access.) I get the following error:

$ svn log
Error validating server certificate for 'https://<repo>:443':
- The certificate is not issued by a trusted authority. Use the
  fingerprint to validate the certificate manually!
Certificate information:
- Hostname: *.<repo>
- Valid: from Sun, 12 Feb 2012 02:34:03 GMT until Mon, 15 Apr 2013 19:02:56 GMT
- Issuer: GeoTrust, Inc., US
- Fingerprint: <stuff>

As you can see, the dates are OK, and the CA is valid. Going to the same url in Safari and Firefox gives a valid SSL connection.

Does anyone have any suggestions?

I had the same problem, and came up with the following solution:

1) go into Keychain Access and find the root certificate that you need
2) select and ctrl-click for the submenu and choose: Export "foo" ...
3) switch the file format to "Privacy Enhanced Mail (.pem)"
4) save the result into /Users/whatever/.subversion
5) edit /Users/whatever/.subversion/servers:
    ssl-authority-files = /Users/whatever/.subversion/foo.pem

Note that if you need multiple CAs, then use the following format:

 ssl-authority-files = /Users/whatever/.subversion/first.pem;/Users/whatever/.subversion/second.pem

It is important that there are no spaces around the ";" and that it
resides on a single line.

Hope that helps,
-g

Received on 2012-03-12 14:00:00 CET
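
Added example (not part of the thread and not Subversion code): a small Python lint for the `ssl-authority-files` setting from the steps quoted above. It checks the key spelling, the single-line and no-spaces-around-";" constraints stated there, and that every listed file loads and contains a PEM certificate block. The names `lint_servers` and `read_text` are hypothetical, and reading the servers file with `configparser` assumes it is plain INI.

```python
import configparser
import difflib
import os
import re

OPTION = "ssl-authority-files"
PEM_BLOCK = re.compile(r"-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----", re.S)

def read_text(path):
    # Default loader: read from disk, expanding "~"; latin-1 never fails on DER bytes.
    with open(os.path.expanduser(path), encoding="latin-1") as fh:
        return fh.read()

def lint_servers(text, load=read_text):
    """Return a list of problems with ssl-authority-files in a servers file."""
    cfg = configparser.RawConfigParser(strict=False)
    try:
        cfg.read_string(text)
    except configparser.Error as exc:
        return ["cannot parse servers file: %s" % str(exc).splitlines()[0]]
    problems = []
    for section in cfg.sections():
        for key, value in cfg.items(section):
            where = "[%s] %s" % (section, key)
            if key != OPTION:
                # A near-miss key name is not the option Subversion reads.
                if difflib.get_close_matches(key, [OPTION], cutoff=0.85):
                    problems.append("%s: misspelled, expected %s" % (where, OPTION))
                continue
            if "\n" in value:
                problems.append("%s: value must stay on a single line" % where)
            if re.search(r"\s;|;\s", value):
                problems.append("%s: whitespace around ';'" % where)
            for path in filter(None, (p.strip() for p in value.split(";"))):
                try:
                    body = load(path)
                except OSError as exc:
                    problems.append("%s: cannot read %s (%s)" % (where, path, exc.strerror or exc))
                    continue
                if not PEM_BLOCK.search(body):
                    problems.append("%s: %s has no PEM certificate block" % (where, path))
    return problems

if __name__ == "__main__":
    # Constructed sample: a misspelled key, and a list with a space after ';'.
    sample = "[global]\nss-authority-files = /tmp/a.pem\n[work]\nssl-authority-files = /tmp/a.pem; /tmp/b.pem\n"
    fake = {"/tmp/a.pem": "-----BEGIN CERTIFICATE-----\n(constructed)\n-----END CERTIFICATE-----", "/tmp/b.pem": "DER bytes"}
    for problem in lint_servers(sample, fake.__getitem__):
        print(problem)
```

A clean result only means the setting is well-formed and the files are PEM; it does not show that the exported certificate is the one that issued the server's chain.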

This is an archived mail posted to the Subversion Users mailing list.