Changes between Initial Version and Version 1 of Ticket #40383, comment 4


Ignore:
Timestamp:
Sep 7, 2013, 12:41:36 PM (11 years ago)
Author:
raimue (Rainer Müller)
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #40383, comment 4

    initial v1  
    1 This is a infamous bug in /usr/bin/svn from Mac OS X as shipped by Apple. If I remember correctly it's broken since Mac OS X 10.5 Lion. The only place where Apple ships certificates is in the Keychain, but they are not used by the installed Subversion client to validate certificates. There are some tutorials on how to extract the certificates from Keychain and put them into the CA search path at `/System/Library/OpenSSL/certs/`.
     1This is a infamous bug in /usr/bin/svn from Mac OS X as shipped by Apple. If I remember correctly it's broken since Mac OS X 10.5 Lion. The only place where Apple ships certificates is in the Keychain, but they are not used by the installed Subversion client to validate certificates. There are some tutorials on the web on how to extract the certificates from Keychain and put them into the CA search path at `/System/Library/OpenSSL/certs/`.
    22
    33You need to manually accept the certificate before you will be able to sync using over SSL with Subversion without a certificate validation error. Choosing permanently will store the fingerprint inside ~/.subversion/auth/svn.ssl.server/. Note that the sync command will be run as the user owning the ports tree directory specified in sources.conf, so the certificate needs to be accepted by that user.