2

I have set up a copy of Redmine through the Bitnami Redmine Stack and am having trouble accessing a remote SVN repository through https. The trouble seems to be related to the fact that I don't have a signed certificate, and the certificate provided doesn't match the host name (I am accessing the same server through a number of host names).

I am new to Ruby, Mongrel, Rails and Redmine.

Following the advice in this forum thread, I changed the path Redmine uses to invoke the svn client in \apps\redmine\lib\ redmine\scm\adapters\subversion_adapter.rb from

SVN_BIN = "svn"

to

SVN_BIN = "svn --trust-server-cert --non-interactive --config-dir c:/user/temp"

I was hoping that the --trust-server-cert option would fix the certificate problem. However, I am still getting the following error message in mongrel.log:

svn: OPTIONS of 'https://server.xyz:8443/svn/reponame': Server certificate verification failed: certificate issued for a different hostname, issuer is not trusted (https://server.xyz:8443)

Does anybody know what to do about this?

Additional info:

  • I re-started the mongrel service after each change

  • I am sure the configuration change has taken effect because subversion has created a full configuration directory in c:\user\temp

  • I can access the remote repository using command line svn no problem

  • The remote repository runs on a Windows box with VisualSVN

Pekka
  • 2,158
  • 3
  • 19
  • 32

2 Answers2

1

I kind of sorted it by setting the subversion server's host name to the one I query from the redmine installation. It would still be interesting to hear how this might be disabled.

Pekka
  • 2,158
  • 3
  • 19
  • 32
1

I realize that this is an old question but it is still a common question. The short story is that you need to get Subversion to store the server certificate into the proper configuration directory.

From the command line run the following:

svn --config-dir c:/user/temp info https://<url_of_subversion_repository>

You should receive the following message: 

Error validating server certificate for https://<url_of_subversion_repository>:443':
 - The certificate is not issued by a trusted authority. Use the
   fingerprint to validate the certificate manually!
 - The certificate hostname does not match.
Certificate information:
 - Hostname: <url_of_subversion_repository>
 - Valid: from Thu, 10 Dec 2009 04:06:30 GMT until Tue, 09 Dec 2014 04:06:30 GMT
 - Issuer: <Cert Details>, <Cert Details>, <City>, <State>, <Country>
 - Fingerprint: <Finger Print>
(R)eject, accept (t)emporarily or accept (p)ermanently?

Accept the certificate permanently. This will save the required information into the same configuration directory that you specified for Redmine and all should be good.

AndrewP
  • 21
  • 2