Linedata Limited
Registered Office: 85 Gracechurch St., London, EC3V 0AA
Registered in England and Wales No 3475006 VAT Reg No 710 3140 03
-Original Message-
From: Boris Epstein [mailto:borepst...@gmail.com]
Sent: 08 July 2010 13:28
To: Giulio Troccoli
Cc: users@subversion.apache.org
Subject: Re: Accepting SSL certificates
On Thu, Jul 8, 2010 at 5:37 AM, Giulio Troccoli
giulio.trocc...@uk.linedata.com wrote:
I am trying to set Subversion to use https. I have already
acquired a certificate from the company CA and set everything
up in Apache.
If if use https the I am asked to accept that the
certificate comes from a trusted authority. If I accept it
everything works.
So, I have been instructed to download the company
certificate and I'm
trying to set it as a trusted CA. I have added the following to
~/.subversion/servers
ssl-authority-files = /home/svn/LDS.crt
It's not .pem, but I have been told that it is PEM-encoded.
However,
if I try with https I get the following error
svn: Invalid config: unable to load certificate file
'/home/svn/LDS.crt'
I thought it was a permission issue but the file was
readable by everyone, and the user who runs Apache is svn as
well so Apache (if involved at all) can read it too.
The server is CentOS 5, SVN is 1.6.9 and Apache is 2.2.13.
Finally, I know I could accept it permanently but
eventually I want to set the ssl-authority-files parameter on
the system-wide subversion configuration so that all users
automatically accept it.
Thanks
Giulio
I remember dealing with it - and I think it is normal that a
user has to accept the certificate once. I may be wrong but I
thinkl this may be by design.
Boris.
Thanks Boris, but apparently it was not a PEM-encoded certificate gr
Anyway, after I got the right certificate (and I fix some other little things)
it works.
So, if anyone is reading this from the archive, ssl-authority-files works just
as expected.
Giulio
