When connecting to Subversion repositories using SSL connections the SVN client checks the server certificate if it is not expired, if it’s host description matches the host of the repository and if the authority which signed the certificate is trusted.

If the certificate fails to comply with any of the above rules the SVN client will respond with a message such as this one:

Error validating server certificate for ‘https://hostname:443′:
– The certificate is not issued by a trusted authority. Use the
fingerprint to validate the certificate manually!
Certificate information:
– Hostname: hostname
– Valid: from Tue, 16 Feb 2010 16:58:39 GMT until Fri, 14 Feb 2020 16:58:39 GMT
– Issuer: company.com, London, Berkshire, GB
– Fingerprint: d5:4e:d8:12:33:12:a5:f1:18:91:77:40:c4:77:3b:0b:f8:51:71:cd
(R)eject, accept (t)emporarily or accept (p)ermanently?

The certificate can still be accepted permanently manually. It may not be a solution if SVN commands are issued by non interactive processes. For example a PHP script run by apache trying to export a branch from the repository.

Certificates signed by trusted authorities such as Verisign should not have any problems. But self signed certificates will not be recognized by the SVN client which in turn will respond with the response above. Self signed certificates can be be made trusted by the SVN client by using the ssl-authority-files configuration option:

ssl-authority-files = /home/void/.subversion/company.crt

The configuration file named servers which holds this configuration option can be stored in multiple locations on the filesystem. First the Subversion client will try to look for it in the home folder of the user that is executing the SVN command. Users such as apache will most likely not have a home folder. In such cases SVN tries to look for the servers file in the /etc/subversion directory. It may or may not exist depending on the OS distribution flavour. For example it exits on Ubuntu but does not exist on CentOS a flavour of RedHat.

Subversion Self Signed Certificates的更多相关文章

  1. What is SSL and what are Certificates?

    Refer to http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/x64.html The content 1.2. What is SSL and ...

  2. 【原】AFNetworking源码阅读(六)

    [原]AFNetworking源码阅读(六) 本文转载请注明出处 —— polobymulberry-博客园 1. 前言 这一篇的想讲的,一个就是分析一下AFSecurityPolicy文件,看看AF ...

  3. IOS开发基础知识--碎片51

    1:https关闭证书跟域名的验证 AFSecurityPolicy *securityPolicy = [AFSecurityPolicy defaultPolicy]; securityPolic ...

  4. 通读AFN③--HTTPS访问控制(AFSecurityPolicy),Reachability(AFNetworkReachabilityManager)

    这一篇主要介绍使用AFN如何访问HTTPS网站以及这些做法的实现原理,还有介绍AFN的网络状态监测部分AFNetworkReachabilityManager,这个模块会和苹果官方推荐的Reachab ...

  5. AFNetworking 3.0 源码解读(二)之 AFSecurityPolicy

    在我们平时的开发中,对网络连接安全方面所做的努力,应该占据很重要的位置. 在解释AFSecurityPolicy之前,我们先把基础的http/https 知识简单的普及一下.获取这方面的信息可通过这本 ...

  6. Step by Step 配置使用HTTPS的ASP.NET Web应用

    原创地址:http://www.cnblogs.com/jfzhu/p/4064654.html 转载请注明出处 有关HTTPS.SSL以及SSL证书的工作原理,参见 <HTTPS那些事(一)H ...

  7. AFNetworking之于https认证

    写在开头: 本来这篇内容准备写在AFNetworking到底做了什么?(三)中的,但是因为我想在三中完结这个系列,碍于篇幅所限.并且这一块内容独立性比较强,所以单独拎出来,写成一篇. 本文从源码的角度 ...

  8. 8.openssl req

    数字证书申请和生成工具.也可以为根CA自行签署证书. 该命令中很多值.属性.格式或默认值都在config文件openssl.cnf中指定. [root@xuexi ~]# man req NAME r ...

  9. 介绍开源的.net通信框架NetworkComms框架 源码分析(二十三 )TCPConnection

    原文网址: http://www.cnblogs.com/csdev Networkcomms 是一款C# 语言编写的TCP/UDP通信框架  作者是英国人  以前是收费的 目前作者已经开源  许可是 ...

随机推荐

  1. HDU1800 hash+去前导0

    注意一:卡map的时间,但是好好写+运气还是可以卡过,哇...求人品爆发 注意二:去前导0,毕竟‘0’也有ASCII码 #include<cstdio> #include<cstdl ...

  2. webdriver元素定位

    #1 通过id定位 driver.find_element_by_id("pop_setting_save").click() #2 通过name定位 driver.find_el ...

  3. 在制作跨平台的 NuGet 工具包时,如何将工具(exe/dll)的所有依赖一并放入包中

    NuGet 提供了工具类型的包支持,生成一个基于 .NET Core 的 dll 或者基于 .NET Framework 的 exe 之后,你几乎可以对项目做任何事情.但是,默认情况下,NuGet 不 ...

  4. 呵呵sql

    INSERT  INTO fnd_document_folder_structure_t (folder_name,parent_folder_id,company_type_id,inv_flag, ...

  5. CentOS 7.0 yum安装Apache、PHP和MySQL

    centos7默认将mariadb视作mysql. p.s.因为mysql被oracle收购后,原作者担心mysql闭源,所以又写了一个mariadb,这个数据库可以理解为mysql的分支. 卸载ma ...

  6. vertica从其它表迁移数据到新表(insert into 语句使用方法实例)

    版权声明:本文为博主原创文章.博主同意自由转载. https://blog.csdn.net/tx18/article/details/26585649 #例:迁移微博用户数据. 因为源表weiboF ...

  7. Python函数 hash()

    hash(object)    hash() 用于获取取一个对象(字符串或者数值等)的哈希值.返回对象的哈希值.  实例: >>>hash('test') # 字符串 2314058 ...

  8. centos7下安装oracle11gR2

    Centos7安装oracle11gR2说明 Centos7安装oracle11gR2说明 环境准备 安装Oracle前准备 创建运行oracle数据库的系统用户和用户组 创建oracle数据库安装目 ...

  9. linux查找目录下的所有文件中是否含有某个字符串 (转)

    查找目录下的所有文件中是否含有某个字符串 find .|xargs grep -ri "IBM" 查找目录下的所有文件中是否含有某个字符串,并且只打印出文件名 find .|xar ...

  10. NFS搭建与配置

    NFS应用场景是:A,B,C三台机器上需要保证被访问到的文件是一样的,A共享数据出来,B和C分别去挂载A共享的数据目录,从而B和C访问到的数据和A上的一致性 172.131.1.135  服务器端 1 ...