Is there an command line option to auto accept a SSL certificate permanently using the SVN commandline in a way that avoids the prompt?
-
Would this be a better fit at Stack Overflow? – James McMahon Jul 08 '09 at 20:46
4 Answers
It depends somewhat on your version of SVN. Recent (1.6+) ones have the usual --non-interactive
(which you want to use to avoid prompts) and also a --trust-server-cert
that may do what you want.
- 161
- 2
- 2
- 9
- 10,497
- 1
- 31
- 40
-
This solution seems to work. Unfortunately the command line certificate accept didn't solve my initial problem. Oh well, at least I know what doesn't work now. – James McMahon Jul 09 '09 at 15:19
-
If this still doesn't work, it may be because you can't access/create the .subversion directory in your home directory. Solution found here: http://chipsandtv.com/articles/svn-invalid-certificates – icc97 Apr 26 '12 at 16:40
-
-
http://web.archive.org/web/20120512113710/http://chipsandtv.com/articles/svn-invalid-certificates – sergtk Aug 25 '13 at 21:13
-
Using --trust-server-cert
will not permanently accept the SSL certificate. You can permanently accept the SSL certificate via the command line using Input Redirection and not using --non-interactive
.
Here's an example for Unix/Linux:
svn list [TARGET] << EOF
p
EOF
NOTE: The "p" above is for (p)ermanently.
-
Well, my version (`1.6.6 (r40053)`) unfortunately simply won't offer the `p` (permanently) option at all. And since this is on an ancient box which I can't update any longer ... – 0xC0000022L Mar 08 '17 at 14:45
My solution uses expect. It isn't secure but it will work when the other solutions won't.
#!/usr/bin/expect -f
set svn_username [lindex $argv 0]
set svn_password [lindex $argv 1]
set svn_url [lindex $argv 2]
spawn svn --username=${svn_username} --password=${svn_password} list ${svn_url}
expect "(R)eject, accept (t)emporarily or accept (p)ermanently? "
send -- "p\r"
expect "Store password unencrypted (yes/no)? "
send "no\r"
expect -re "root@.*:\/#"
- 131
- 1
You should be able to download the certificate and then place it in the appropriate directory. Or you can download the CA certificate and then set the configuration option ssl-authority-files to trust that CA.
See the SSL Certificate Management section in the book.
- 128,755
- 40
- 271
- 413
-
I'm in a very strange situation here, see http://serverfault.com/questions/7648/setting-up-redmine-with-the-bitnami-stack-installer-on-windows-server-2003/37938#37938, so I want to be able to pull it off in one command. – James McMahon Jul 08 '09 at 21:07