Re: SVN certificate doesn't match
On Sep 5, 2010, at 23:26, Al Dimond wrote: According to this page: http://code.google.com/p/support/wiki/SubversionFAQ#What_does_%22use_the_fingerprint_to_validate_the_certificate The SSL certificate for SVN checkouts should be: 4B:3A:10:4F:B1:C4:2C:24:B8:F3:AB:80:15:87:D7:E7:9F:DB:48:48 I get this instead: 85:78:89:4d:68:6b:75:33:f9:21:fb:b6:de:7d:e6:0e:70:1f:98:04 Does the page need to be updated, or am I getting MITM'd? Since I asked myself on August 9, I've seen the cert fingerprint flip back and forth between these two several times, and once to a completely different fingerprint. Either there really is a MITM attack, or there are two different servers which aren't configured identically. I would really appreciate the FAQ being updated to explain this other fingerprint. Unexplained but “normal” fingerprint changes are a great way to train users to ignore the security benefits of fingerprint checking. -- Kevin Reid http://switchb.org/kpreid/ -- You received this message because you are subscribed to the Google Groups Project Hosting on Google Code group. To post to this group, send email to google-code-host...@googlegroups.com. To unsubscribe from this group, send email to google-code-hosting+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-code-hosting?hl=en.
Re: SVN certificate doesn't match
I have a similar problem. SVN commands from within Eclipse complain about the certificate not being trusted (and a non-matching hostname): Error validating server certificate for 'https:// migrid.googlecode.com:443': - The certificate is not issued by a trusted authority. Use the fingerprint to validate the certificate manually! - The certificate hostname does not match. Certificate information: - Subject: CN=*.googlecode.com, O=Google Inc, L=Mountain View, ST=California, C=US - Valid: from Thu Aug 05 06:57:23 CEST 2010 until Fri Aug 05 07:07:23 CEST 2011 - Issuer: CN=Google Internet Authority, O=Google Inc, C=US - Fingerprint: 85:78:89:4d:68:6b:75:33:f9:21:fb:b6:de:7d:e6:0e:70:1f: 98:04 This is the same fingerprint as quoted in the original message. Where on the googlecode site can I find the correct fingerprint? Thanks Jost On Sep 6, 5:26 am, Al Dimond businessmanprogrammerst...@gmail.com wrote: According to this page: http://code.google.com/p/support/wiki/SubversionFAQ#What_does_%22use_... The SSL certificate for SVN checkouts should be: 4B:3A:10:4F:B1:C4:2C:24:B8:F3:AB:80:15:87:D7:E7:9F:DB:48:48 I get this instead: 85:78:89:4d:68:6b:75:33:f9:21:fb:b6:de:7d:e6:0e:70:1f:98:04 Does the page need to be updated, or am I getting MITM'd? It looks like there have been some postings to this group before, and chatter on several projects' mailings lists about it, but no official reply. I let the checkout proceed but I'm not going to build or run it until I have some idea what's going on. I guess that's bad if SVN or Windows has a vulnerability that can be exploited by a checkout. Oh well. - Al Dimond -- You received this message because you are subscribed to the Google Groups Project Hosting on Google Code group. To post to this group, send email to google-code-host...@googlegroups.com. To unsubscribe from this group, send email to google-code-hosting+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-code-hosting?hl=en.
SVN certificate doesn't match
According to this page: http://code.google.com/p/support/wiki/SubversionFAQ#What_does_%22use_the_fingerprint_to_validate_the_certificate The SSL certificate for SVN checkouts should be: 4B:3A:10:4F:B1:C4:2C:24:B8:F3:AB:80:15:87:D7:E7:9F:DB:48:48 I get this instead: 85:78:89:4d:68:6b:75:33:f9:21:fb:b6:de:7d:e6:0e:70:1f:98:04 Does the page need to be updated, or am I getting MITM'd? It looks like there have been some postings to this group before, and chatter on several projects' mailings lists about it, but no official reply. I let the checkout proceed but I'm not going to build or run it until I have some idea what's going on. I guess that's bad if SVN or Windows has a vulnerability that can be exploited by a checkout. Oh well. - Al Dimond -- You received this message because you are subscribed to the Google Groups Project Hosting on Google Code group. To post to this group, send email to google-code-host...@googlegroups.com. To unsubscribe from this group, send email to google-code-hosting+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-code-hosting?hl=en.