RE: Can't access SVN repos from command Line: Server SSL certificate untrusted

> From: Branko Čibej [mailto:brane_at_wandisco.com]
> Sent: Tuesday, November 26, 2013 11:17 AM
>
> On 26 Nov 2013 15:39, "Mehdi Hayani" <hayani.mehdi149_at_gmail.com>
> wrote:
> > I've asked the other team and here is their response:
> >
> > >When you upgraded the server, did you also upgrade mod_dav_svn
> only?
> >
> > No change has occurred on mod dav svn
> If this means that the Subversion libraries were upgraded, but mod_dav_svn
> was not, that may be the reason for your problem. It's not very likely, but is
> worth investigating.

Sorry I just joined this discussion, and I don't have the history, but the subject caught my attention, and I happen to know something (usually a lot) about ssl certificates and so forth... What are the important details and/or original post that I'm missing? I'm only responding to the generic "can't access SVN repos, certificate untrusted."

I'm assuming you're using apache httpd, serving https, and I've certainly seen many situations where some slight variation in the way you install your server cert causes some clients (such as Chrome) to show the cert looking good... while other clients complain about the cert. (I've learned nothing, if not, that you need to test every version of every client on every platform that you care to support.)

I'm making assumptions about your problem, and motivated to say: The most common reason for a cert to be accepted by one client and rejected by another client, is the ordering of the certificate chain. If you needed to concatenate some certs into cert file, the correct ordering is your local server cert, followed by intermediate, followed by root CA.

But maybe I'm cluelessly talking about something unrelated to your actual problem. Sorry if so...
Received on 2013-11-27 02:47:49 CET