continuum-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thijs Schnitger <t.schnit...@func.nl>
Subject Re: Problem with Subversion and HTTPS Access to Repository
Date Fri, 07 Nov 2008 20:14:42 GMT
I appear to have sent you in the wrong direction.
You should indeed let svn know of the CA certificate. This can be done 
in various ways. In my case I added my CAcert to the system defaults in 
/etc/ssl/certs. The svn docs say you need to edit the runtime servers 
file, which can be found in the homedir of the user who runs continuum, 
in ~/.subversion/servers. Edit a parameter called ssl-authority-files.
You may need to restart Continuum.

Hope this helps,

Thijs


Ryan Skorstad wrote:
> I have added my CA to the JVM's keystore using keytool:
> 
> keytool -import -keystore cacerts -file my.ca
> 
> and also:
> 
> keytool -import -keystore cacerts -file my.ca -trustcacerts
> 
> The cafile is located in /usr/lib/jvm/jre-1.6.0-openjdk.x86_64/ which 
> should be the correct location for the JVM that Continuum is using.
> 
> I have verified that the CA is correct by using OpenSSL to connect to my 
> svn repository:
> 
> openssl s_client -CAfile my.ca -connect svn.mydomain.com:443
> 
> It still throws the 'javax.net.ssl.SSLPeerUnverifiedException: peer not 
> authenticated' exception.  Am I using the wrong keystore?  This is the 
> only one on the machine.
> 
> -Ryan
> 
> 
> Thijs Schnitger wrote:
>> Ryan Skorstad wrote:
>>
>>> Is there a way to get my Continuum to trust my CA?
>>>
>>
>> Add the certificate of your CA to the cacerts file of your JRE, using 
>> keytool.
>>
> 
> 




Mime
View raw message