I'm trying to set up Subversion repository browsing through Redmine. I'm running into certificate problems when I try to access the repository tab.
I'm using VisualSVN on a Windows 2003 server.
In the server log file (production.log), I see:
No close tag for /lists/list
Line:
Position:
Last 80 unconsumed characters:
Output was:
svn: OPTIONS of 'https://192.168.1.13:8443': Server certificate verification failed: certificate issued for a different hostname, issuer is not trusted (https://192.168.1.13:8443)
Rendering template within layouts/base
Completed in 1.57800 (0 reqs/sec) | Rendering: 0.01600 (1%) | DB: 0.03100 (1%) | 500 Internal Server Error [http://192.168.1.16/repositories/show/vss]
In subversion_adapter.rb, I have:
def credentials_string
str = ''
str << " --username #{shell_quote(@login)}" unless @login.blank?
str << " --password #{shell_quote(@password)}" unless @login.blank? || @password.blank?
str << " --no-auth-cache --trust-server-cert --non-interactive"
str
end
And
cmd = "#{SVN_BIN} list --xml #{target(URI.escape(path))}@#{identifier} 2>&1"
(based on http://www.redmine.org/issues/816)
When I delete the folder: D:\Documents and Settings\Administrator\Application Data\Subversion\auth, I get this in the command prompt:
D:\Documents and Settings\Administrator>svn list –username user –password pass
word https://192.168.1.13:8443/
Error validating server certificate for 'https://192.168.1.13:8443':
– The certificate is not issued by a trusted authority. Use the
fingerprint to validate the certificate manually!
– The certificate hostname does not match.
Certificate information:
– Hostname: SrcSafe
– Valid: from Wed, 15 Apr 2009 02:41:16 GMT until Sat, 13 Apr 2019 02:41:16 GMT
- Issuer: SrcSafe
- Fingerprint: d6:ee:7c:91:4f:55:97:42:24:17:89:f3:86:43:c6:10:d9:14:f6:d6
(R)eject, accept (t)emporarily or accept (p)ermanently? p
svn: OPTIONS of 'https://192.168.1.13:8443': 200 OK (https://192.168.1.13:8443)
This populates an entry in auth\svn.ssl.server, but nothing in svn.simple, svn.ssl.client-passphrase, or svn.username.
In D:\Documents and Settings\Administrator\Application Data\Subversion\server, I've also set:
ssl-trust-default-ca = yes
store-ssl-client-cert-pp = yes
Now, I'm pretty sure the hostname changed after the self-signed certificate was created (from SrcSafe to Loki), but am unsure if that makes a difference.
One other thing to note is when I try to access the web page, with D:\Documents and Settings\Default User\Application Data\Subversion\auth empty, it does create svn.ssl.server, svn.simple, svn.ssl.cient-passphrase, and svn.username, but all of them are empty.
Any ideas?
Best Answer
Ok, I figured it out. Apparently, VisualSVN has a way of generating a new self-signed certificate. Having the right hostname did make a difference. Also, the Repository setting had to point to a single repository (e.g., https://loki:8443/svn/Sandbox)., instead of just the svn directory (https://loki:8443/svn).