Thanks Shawn. You were right, this was a user error. Turned out that I was using read-only http access for svn_5x, but when 5_0 branch was announced I just copying the url from the email without realizing it was committers' https url.
I re-checked out with http and the problem gone away for now. I'll deal with certificates later. Thanks again, Alex. ---- Sign up for my Solr resources newsletter at http://www.solr-start.com/ On 14 January 2015 at 01:18, Shawn Heisey <apa...@elyograg.org> wrote: > On 1/13/2015 10:37 PM, Alexandre Rafalovitch wrote: >> This hasn't happened to me before. Building (new) 5.0 branch: >> >> package-src-tgz: >> [exec] Error validating server certificate for >> 'https://svn.apache.org:443': >> [exec] - The certificate is not issued by a trusted authority. Use the >> [exec] fingerprint to validate the certificate manually! >> [exec] Certificate information: >> [exec] - Hostname: *.apache.org >> [exec] - Valid: from Fri, 11 Apr 2014 00:00:00 GMT until Thu, 07 >> Apr 2016 23:59:59 GMT >> [exec] - Issuer: Thawte, Inc., US >> [exec] - Fingerprint: >> 15:1d:8a:d1:e1:ba:c2:14:66:bc:28:36:ba:80:b5:fc:f8:72:f3:7c >> >> Is this normal and what do I need to do to get around this given that >> ant is running in batch mode and just aborts the build? > > The certificate is not verifying because one or more steps in the SSL > certification path is missing when the program makes the connection. > This typically is caused by one of two things: > > 1) The webserver is not configured to send the intermediate certificate > for the key that actually issued the *.apache.org certificate. > > 2) Whatever certificate store your svn package is using does not contain > the Thawte root certificate. > > I know that option 1 is not the problem. An online SSL checker shows > that everything is good with svn.apache.org. Option 2, a local problem > on your machine, is the most likely issue. I can run "ant package" with > no problem on an Ubuntu machine. > > If you are running on a Linux/UNIX platform, there will usually be a > central repository of root certificates that are accepted as valid. > Sometimes that repository is misconfigured or missing, though. On > Debian or Ubuntu, this can be found in /etc/ssl/certs. What you'll find > in there on those platforms are symlinks to root certificates installed > under /usr/share by the ca-certificates package. > > If you are running on Windows, then it will most likely be using the > certificate store built into the OS, but it might be using something > else, especially if svn was installed by something like cygwin. > > Thanks, > Shawn > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org > For additional commands, e-mail: dev-h...@lucene.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
