Hi, I can't seem to figure out the proper clean way to have the svn CLI client trust all https URLs using certificates signed by an internal CA. With RHEL5, it was easy :
$ strace svn co https://myserver/repo/ 2>&1 | grep pki open("/etc/pki/tls/cert.pem", O_RDONLY) = 3 open("/etc/pki/tls/cert.pem", O_RDONLY) = 3 stat("/etc/pki/tls/certs/b903d65c.0", 0x7fff7f839980) = -1 ENOENT (No such file or directory) The SSL library being used looked for a CA certificate named after a hash specific to that certificate (which you got with openssl x509 -hash -noout -in myca.crt). With RHEL6 this happens no more : $ strace svn co https://myserver/repo/ 2>&1 | grep pki open("/etc/pki/tls/certs/ca-bundle.crt", O_RDONLY) = 4 open("/etc/pki/tls/certs/ca-bundle.crt", O_RDONLY) = 4 Appending my CA's certificate to ca-bundle.crt works of course, but it's a much more fragile and less elegant solution. Does anyone know what the proper way is now? Matthias -- Clean custom Red Hat Linux rpm packages : http://freshrpms.net/ Fedora release 14 (Laughlin) - Linux kernel 2.6.35.10-72.fc14.x86_64 Load : 0.00 0.04 0.11 _______________________________________________ rhelv6-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv6-list
