Redmine subversion won't ignore certificate error even if told

ssl svn ssl-certificate ruby redmine

5,416

Solution 1

I kind of sorted it by setting the subversion server's host name to the one I query from the redmine installation. It would still be interesting to hear how this might be disabled.

Solution 2

I realize that this is an old question but it is still a common question. The short story is that you need to get Subversion to store the server certificate into the proper configuration directory.

From the command line run the following:

svn --config-dir c:/user/temp info https://<url_of_subversion_repository>

You should receive the following message:

Error validating server certificate for https://<url_of_subversion_repository>:443':
 - The certificate is not issued by a trusted authority. Use the
   fingerprint to validate the certificate manually!
 - The certificate hostname does not match.
Certificate information:
 - Hostname: <url_of_subversion_repository>
 - Valid: from Thu, 10 Dec 2009 04:06:30 GMT until Tue, 09 Dec 2014 04:06:30 GMT
 - Issuer: <Cert Details>, <Cert Details>, <City>, <State>, <Country>
 - Fingerprint: <Finger Print>
(R)eject, accept (t)emporarily or accept (p)ermanently?

Accept the certificate permanently. This will save the required information into the same configuration directory that you specified for Redmine and all should be good.

5,416

Pekka

Self-employed web developer and graphic designer. After-hours artist. Working from an old off-the-grid house in the Canary Islands. Not doing much here any more because the Stack Overflow I wish to build and participate in is no longer supported and the company running it has started going down a path of incomprehensible, increasingly outright evil actions. They have pledged meaningful change but we'll see whether that ever materializes. (Update in early 2021: it hasn't materialized.) Also, I have yet to see a convincing refutation of community members' educated guesses that the confidential agreement with Monica Cellio, the moderator who was unfairly terminated and publicly slandered as a bigot by Stack Overflow, doesn't actually contain some kind of payout from Stack Overflow to Monica, but instead just forces her to shut up about the issue forever under threat of a potentially ruinous countersuit, another hint that a major moral bankruptcy has occurred at this once great company. E-Mail: first name at gmx dot de

Updated on September 17, 2022

Comments

Pekka over 1 year
I have set up a copy of Redmine through the Bitnami Redmine Stack and am having trouble accessing a remote SVN repository through https. The trouble seems to be related to the fact that I don't have a signed certificate, and the certificate provided doesn't match the host name (I am accessing the same server through a number of host names).

I am new to Ruby, Mongrel, Rails and Redmine.

Following the advice in this forum thread, I changed the path Redmine uses to invoke the svn client in \apps\redmine\lib\ redmine\scm\adapters\subversion_adapter.rb from
```
SVN_BIN = "svn"
```
to
```
SVN_BIN = "svn --trust-server-cert --non-interactive --config-dir c:/user/temp"
```
I was hoping that the --trust-server-cert option would fix the certificate problem. However, I am still getting the following error message in mongrel.log:

svn: OPTIONS of 'https://server.xyz:8443/svn/reponame': Server certificate verification failed: certificate issued for a different hostname, issuer is not trusted (https://server.xyz:8443)

Does anybody know what to do about this?

Additional info:
- I re-started the mongrel service after each change
- I am sure the configuration change has taken effect because subversion has created a full configuration directory in c:\user\temp
- I can access the remote repository using command line svn no problem
- The remote repository runs on a Windows box with VisualSVN