Re: Problems with Continuum and Subversion over https

On Tue, 05 Dec 2006 15:20:17 -0000, Arne Styve <asty@xxxxxxxxxxxxxxx> wrote:
We have a Subversion/Apache set-up that's running on Windows 2003 with
domain authentication. In the httpd.conf, we have, among other things,
the following settings under the <Location /subversion> section:

SSPIOmitDomain On
SSPIDomain <OUR_DOMAIN>

Tried this, but ended up with access denied. By the way should the
domainname be given with the '<' and '>' (i.e. <osc>) or without (ie. osc) ?
Discovered by the way that in our httpd-file we had "SSPIDomain <OSC>"
....i.e. with capital letters.....dont know if this was the sole reason,
but...

Sorry, should have been clearer the angle brackets aren't included. I guess you would have:

SSPIDomain osc

Anyway, I've now updated the certificate so the servername matches the one
in the certificate, and that got rid of one half of the errormessage I've
been getting.
Now I 'm left with:
"Server certificate verification failed: issuer is not trusted"

Why don't I get this from the commandline, and only in Continuum ? Isn't
there any plase where I can say: Ignore this error ?

Not sure, probably something to do with the certificate chain. Is it self-signed?

Are you sure that Continuum is using the same SVN that you are using on the command line (now that you have both JavaSVN and the default one installed)? If you can get it to prompt you on the command line on the Continuum machine, you can accept the certificate permanently and then Continuum shouldn't have any problems. An alternative would be to change the cacerts file so that your certificate is always trusted.

Dan.

--
Daniel Dyer
http://www.dandyer.co.uk
.

Relevant Pages