On 26.08.2013 11:55, Ivan Zhakov wrote:
> On Mon, Aug 26, 2013 at 1:41 AM, Stefan Sperling <stsp_at_elego.de> wrote:
>> On Mon, Aug 26, 2013 at 12:30:02AM +0300, Sergiy Tkachuk wrote:
>>> I am using TortoiseSVN 1.8.1, Build 24570 - 32 Bit , 2013/07/22
>>> 18:28:29, Subversion 1.8.1, -release, apr 1.4.8, apr-util 1.5.2,
>>> serf 1.3.0, OpenSSL 1.0.1e 11 Feb 2013, zlib 1.2.8
>>> I created batch file and want to call it from Jenkins CI.
>>> The command line follows:
>>> svn update --trust-server-cert --non-interactive --username UserName
>>> --password Password FolderName
>>> If I run it from cmd.exe it is ok.
>>> But if I run it from Jankins, it fails with error:
>>> svn: E230001: Unable to connect to a repository at URL 'https://server/path <https://www.aim-inc-usa.net:8086/svn/dev/ExactWire/trunk/samples/SandboxCi>'
>>> svn: E230001: Server SSL certificate untrusted
>>> I found similar question at SO http://stackoverflow.com/questions/17177405/svn-server-ssl-certificate-untrusted-from-post-commit-hook
>>> , but there is no answer for it.
>>> How can I fix the issue?
>>> Thanks in advance,
>>> Best wishes,
>>> Sergiy Tkachuk
>> The --trust-server-cert option only overrides errors where the hostname
>> does not match the CN given in the certificate. It does not override
>> other error cases, such as expired certificates. Unfortunately,
>> there is currently no way to ignore other error conditions.
> There is a bug in Subversion 1.8.0-1.8.1 that hostname check is
> case-sensitive, while it should be case-insensitive. Subversion
> canonicalize request hostname to lowercase so you get CN mistmatch if
> you have uppercase letters in your server certificate. This problem
> should be fixed in upcoming Subversion 1.8.3:
> * ra_serf: ignore case when checking certificate common names (r1514763)
> Is it your case?
I have managed to fix the issue.
The issue was because of CN mismatch to server name.
Finally certificate with correct CN re-issued, nothing else helped.
I described more details at http://stackoverflow.com/a/18461594/13441
Received on 2013-08-27 11:28:03 CEST