RE: Can't access SVN repos from command Line: Server SSL certificate untrusted
From: Edward Ned Harvey (svn4) <svn4_at_nedharvey.com>
Date: Wed, 27 Nov 2013 01:47:11 +0000
> From: Branko Čibej [mailto:brane_at_wandisco.com]
Sorry I just joined this discussion, and I don't have the history, but the subject caught my attention, and I happen to know something (usually a lot) about ssl certificates and so forth... What are the important details and/or original post that I'm missing? I'm only responding to the generic "can't access SVN repos, certificate untrusted."
I'm assuming you're using apache httpd, serving https, and I've certainly seen many situations where some slight variation in the way you install your server cert causes some clients (such as Chrome) to show the cert looking good... while other clients complain about the cert. (I've learned nothing, if not, that you need to test every version of every client on every platform that you care to support.)
I'm making assumptions about your problem, and motivated to say: The most common reason for a cert to be accepted by one client and rejected by another client, is the ordering of the certificate chain. If you needed to concatenate some certs into cert file, the correct ordering is your local server cert, followed by intermediate, followed by root CA.
But maybe I'm cluelessly talking about something unrelated to your actual problem. Sorry if so...
This is an archived mail posted to the Subversion Users mailing list.