For those Linux servers that I've tried this on, the ~/.subversion/servers file is the default one that is created with a brand new install. There are no entries under [global] or [groups].
-----Original Message----- From: Johan Corveleyn [mailto:jcor...@gmail.com] Sent: Tuesday, April 26, 2011 3:49 PM To: Platz, Steve Cc: users@subversion.apache.org Subject: Re: Windows SSL Error On Tue, Apr 26, 2011 at 6:06 PM, Platz, Steve <steve_pl...@lord.com> wrote: > Our Entrust SSL certificate recently expired and was replaced with a > new one utilizing a certificate chain. Since installing the new > certificate, access to a front-end website using this same certificate has > been unaffected. > However, we're now seeing issues when we attempt to check > out/update/browse/etc the repository using Windows (XP/7). In Windows, > using version 1.6.16, I'm getting the following error: > > > > C:\Users\steve_platz>svn info > https://path/to/repository > > Error validating server certificate for 'https://path/to/repository:443': > > - The certificate is not issued by a trusted authority. Use the > fingerprint to validate the certificate manually! > > Certificate information: > > - Hostname: my.website.com > > - Valid: from Mon, 18 Apr 2011 18:52:34 GMT until Fri, > 05 Jun > 2015 23:15:02 GMT > > > > - Issuer: (c) 2009 Entrust, Inc., www.entrust.net/rpa > is incorporated by reference, Entrust, Inc., US > > - Fingerprint: > 96:b4:fa:19:bd:4a:ec:c2:bc:19:33:b8:25:2a:0a:47:28:41:07:d0 > > (R)eject, accept (t)emporarily or accept (p)ermanently? T > > > > Running the above (svn info) from a Linux machine works as you would > expect it to, without certificate errors. Is this a bug with the > Windows client or have I set something up incorrectly? Just guessing, but maybe the Linux machine (only your account, or system-wide) has been configured to trust the Issuer's certificate as a trusted certificate authority (thus automatically trusting every certificate issued by that CA), and your Windows machine hasn't. This can be configured on the client side, with the property ssl-authority-files - For the user in ~/.subversion/servers - System-wide in /etc/subversion/servers See for more info: http://svnbook.red-bean.com/nightly/en/svn.advanced.confarea.html#svn.advanced.confarea.opts.servers You can do the same on Windows (also system-wide, I think that only works via the Registry, but see the book for more details). HTH, -- Johan
