Ssl
SVN SSL 證書驗證錯誤
我正在執行 RedHat Enterprise Linux 6 並安裝了一個顛覆伺服器(使用 Apache)。我剛剛將 Apache 配置為使用來自 Geotrust 的 SSL 證書執行 HTTPS。Apache 部分執行良好(我可以通過 HTTPS 訪問我的網站而不會出現警告或問題)。
但是,當我執行時
svn co https://myserver.com/svn/proj_name
,我收到以下錯誤:Error validating server certificate for 'https://myserver.com:443': - The certificate is not issued by a trusted authority. Use the fingerprint to validate the certificate manually! Certificate information: - Hostname: myserver.com - Valid: from Sun, 23 Oct 2011 16:15:13 GMT until Thu, 25 Oct 2012 05:38:36 GMT - Issuer: GeoTrust, Inc., US - Fingerprint: (some fingerprint) (R)eject, accept (t)emporarily or accept (p)ermanently?
另外,我的顛覆“伺服器”配置文件中有:
[global] ssl-authority-files=/usr/share/certs/GeoTrust_Primary_CA.pem; ssl-trust-default-ca = true
但是當我嘗試訪問顛覆時,我在錯誤日誌中找到了這個:
svn: Invalid config: unable to load certificate file '/usr/share/certs/GeoTrust_Primary_CA.pem'
每個人都可以讀取這個文件——我直接從 GeoTrust 的網站下載了它。有什麼我想念的嗎?
很可能,證書文件有問題。您可以通過以下方式進行檢查:
openssl x509 -text < /usr/share/certs/GeoTrust_Primary_CA.pem
輸出應包括:
Version: 3 (0x2) Serial Number: 18:ac:b5:6a:fd:69:b6:15:3a:63:6c:af:da:fa:c4:a1 Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority Validity Not Before: Nov 27 00:00:00 2006 GMT Not After : Jul 16 23:59:59 2036 GMT Subject: C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority Subject Public Key Info:
或者
md5sum /usr/share/certs/GeoTrust_Primary_CA.pem
輸出應該是:
55a9909182b959dcbb00c550725bcdf2 GeoTrust_Primary_CA.pem