Error validating server certificate for tortoisesvn Chat with horny
What do I have to do to get Subversion to recognize that the certificate we are using for Mac OS Forge *is* issued by a trusted authority?I want a solution that does not involve every Mac Ports contributor having to see this message and press "p"; I want a solution that does not involve anyone seeing this message at all.^Csvn: OPTIONS of 'https://svn.example.com/svn/software/trunk': Server certificate verification failed: issuer is not trusted (https://svn.example.com) Why would it be giving me this prompt?The certificate is signed by Verisign, and I updated the cert as well as the ca/intermediate cert on the server.Do I have to somehow provide Subversion with a bundle of well-known trusted certificates?Mac Ports includes the port curl-ca-bundle which installs a bundle of certs from Mozilla, and is used by the curl port to be able to access https sites. This should cause svn2git to either quit, or print a reassuring message about how it's forging ahead.$ git svn fetch This prints the same message I mentioned before, with a security certificate fingerprint and all, and then an additional line that svn2git doesn't show: "(R)eject, accept (t)emporarily or accept (p)ermanently?
Using the openssl tool returns the cert as being valid: $ openssl s_client -connect svn.example.com:443 | grep 'return code'depth=2 /C=US/O=Veri Sign, Inc./OU=Class 3 Public Primary Certification Authority - G2/OU=(c) 1998 Veri Sign, Inc.
Hello, I am running svnserver using apache and Web DAV using HTTPS. The certificate I have installed is a wildcard certifcate (*.odesk.com) issued by an intermediate CA , Comodo: CN = Comodo Class 3 Security Services CA OU = (c)2002 Comodo Limited OU = Terms and Conditions of use: OU = Comodo Trust Network O = Comodo Limited C = GB whose Root CA is GTE Cyber Trust Global Root CN = GTE Cyber Trust Global Root OU = GTE Cyber Trust Solutions, Inc.
When Tortoise SVN tries to access my server, I get the warning: Error validating server certificate for https://secure.odesk.com:443 Unknown certificate issuer: Fingerprint: ca:a1:ba:7f:37:... O = GTE Corporation C = US The particular wildcard certificate is accepted by IE, Firefox etc.
We have an svn server with https access via apache, dav_svn_module, and authz_svn_module.
We just got a new cert from Verisign, and installed it.
I thought maybe I needed to install the intermediate cert somewhere on the client, but the intermediate CA cert for the old cert isn't on the client, and since it's connecting through Apache, which has both certs installed, I don't understand why it wouldn't validate the cert fine.