Ssl

SVN SSL 證書驗證錯誤

  • October 26, 2011

我正在執行 RedHat Enterprise Linux 6 並安裝了一個顛覆伺服器(使用 Apache)。我剛剛將 Apache 配置為使用來自 Geotrust 的 SSL 證書執行 HTTPS。Apache 部分執行良好(我可以通過 HTTPS 訪問我的網站而不會出現警告或問題)。

但是,當我執行時svn co https://myserver.com/svn/proj_name,我收到以下錯誤:

Error validating server certificate for 'https://myserver.com:443':
- The certificate is not issued by a trusted authority.  Use the
  fingerprint to validate the certificate manually! 
Certificate information:
- Hostname: myserver.com
- Valid: from Sun, 23 Oct 2011 16:15:13 GMT until Thu, 25 Oct 2012 05:38:36 GMT
- Issuer: GeoTrust, Inc., US
- Fingerprint: (some fingerprint)
(R)eject, accept (t)emporarily or accept (p)ermanently?

另外,我的顛覆“伺服器”配置文件中有:

[global]
ssl-authority-files=/usr/share/certs/GeoTrust_Primary_CA.pem;
ssl-trust-default-ca = true

但是當我嘗試訪問顛覆時,我在錯誤日誌中找到了這個:

svn: Invalid config: unable to load certificate file '/usr/share/certs/GeoTrust_Primary_CA.pem'

每個人都可以讀取這個文件——我直接從 GeoTrust 的網站下載了它。有什麼我想念的嗎?

很可能,證書文件有問題。您可以通過以下方式進行檢查:

openssl x509 -text < /usr/share/certs/GeoTrust_Primary_CA.pem

輸出應包括:

   Version: 3 (0x2)
   Serial Number:
       18:ac:b5:6a:fd:69:b6:15:3a:63:6c:af:da:fa:c4:a1
   Signature Algorithm: sha1WithRSAEncryption
   Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
   Validity
       Not Before: Nov 27 00:00:00 2006 GMT
       Not After : Jul 16 23:59:59 2036 GMT
   Subject: C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
   Subject Public Key Info:

或者

md5sum /usr/share/certs/GeoTrust_Primary_CA.pem 

輸出應該是:55a9909182b959dcbb00c550725bcdf2 GeoTrust_Primary_CA.pem

引用自:https://serverfault.com/questions/325111