Server certificate verification failed: certificat

> PROPFIND request failed on ‘/svn/Superscout‘
> PROPFIND of ‘/svn/Superscout‘: Server certificate verification 
> failed: certificate issued for a different hostname, issuer is not 
> trusted (https://XX.XX.XX.XX)

First, here‘s how to fix the situation:

1. Open Terminal (in Utilities, in Applications)
2. Type some svn command against your repository, say "svn ls https://82.100.10.110/svn/Superscout 
"
3. You‘ll get a text prompt about the server‘s certificate, asking you 
what to do
4. Type "p" (and return), meaning "permanently accept this certificate 
anyway"

That answer will be saved away in a place that both the command line 
"svn" and also SCPlugin will reuse.

Now, the explanation, in case you‘re curious:

You‘re accessing Subversion through the HTTP protocol, the same one 
used by web browsers. This is probably the most common way to use SVN. 
HTTP servers can, and often do, use an encrypted connection, called 
"https". Subversion can do that, too, and that‘s what‘s going on here.

The encryption includes a "server certificate," a digital signature 
that proves that the server you‘re talking to really is the one you 
think it is. This is included because it is possible to arrange so 
that connections you think are going to one computer actually go to 
another. There‘s an attack called the "man in the middle," where some 
bad person sets things up this way, then forwards messages back and 
forth between you and the true server. Your web browser (or 
Subversion) sends and receives exactly the packets it expects to, but 
the "man in the middle" is reading everything. Unfortunately, there is 
no way to detect or prevent this from the stream of messages alone.

The server certificate protects you against this, because the server 
certificates are digitally signed by someone else. The idea is that 
there should be a few signatories that you trust to do this, and you 
can confirm that one of these signed a given server‘s certificate, and 
hence you trust that it‘s the one you want. This is the same as 
checking a person‘s driver‘s license: you trust the state to attest 
who the person is; you‘ve seen driver‘s licenses before and can spot a 
phony (at least, if it‘s not too good a phony), and so having seen the 
license, you can trust that the person is who they claim to be.

This process isn‘t working for you. The messages actually say there 
are two problems:

- certificate issued for a different hostname
- issuer is not trusted

In the first problem: if I claim to be "Jack Repenning," and attempt 
to prove that by showing you a license for "Fred Smithers," you‘d be 
more than a little suspicious, right? Same thing here. However, this 
is probably because you told Subversion to contact "https://82.100.10.110 
" -- that is, the server‘s "name" is 82.100.10.110. That‘s the host 
*address*, but typically the server‘s actual certificate is for their 
host *name*. If you try again, using "https:// 
server.superscout.co.uk" (or whatever the name actually is), this part 
will probably go away. But maybe not: when I try to look up that 
address in the global DNS name base, I don‘t get a reply. Probably 
that address is internal to your company network, and so conceivably 
you may not have DNS properly set up for it. Maybe that‘s why you used 
an address rather than a name. At any rate, the procedure above will 
reassure Subversion that this combination really is OK.

In the second problem: metaphorically, Subversion is saying "this 
looks like a driver‘s license, but it‘s from some country I‘ve never 
heard of, how do I know whether it‘s a valid license from there?" 
Actually, there‘s a good chance that this certificate is signed by one 
of the standard authorities: there‘s a bug in OS X about the 
installation of this information, as a result of which Subversion (and 
SCPlugin) requires some extra configuration work in order to find the 
list of trusted authorities. If you‘re going to be connecting to a 
great many different servers, it might be worth your while to fix 
this. That can be done, but until Apple fixes the bug it also means 
you have to manually update it from time to time (about once a year), 
which would be tiresome.

The procedure above works once for all time, for this one address. If 
you only have to do it a few times, you‘re better off just doing it 
than fixing the authority list. But if you want to fix up the list, 
you can find the directions in the [email protected] list on scplugin. Or, just 
ask there again, and someone will restate them, or point you to them.

-==-
Jack Repenning
jackrepenning at tigris dot org
Project Owner
SCPlugin
http://scplugin.tigris.org
"Subversion for the rest of OS X"

时间: 2024-12-05 14:03:55

Server certificate verification failed: certificat的相关文章

error: server certificate verification failed 解决方案

晚上使用更新源之后使用了git 命令,但是报错 error: server certificate verification failed 在stackoverflow 上有一页专门解答:server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none ,针对不同情况,里面有很多的解决方案. 我的属于系统时间错误,和下面这个问题相同: Another cause of

server certificate verification failed. CAfile: none CRLfile: none

原文: server certificate verification failed. CAfile: none CRLfile: none 当使用命令 git pull 出现错误信息如下: server certificate verification failed. CAfile: none CRLfile: none 解决方案: git config --global http.sslverify false git config --global https.sslverify fals

Failed to connect to VMware Lookup Service……SSL certificate verification failed.

今天登陆vspher web-client时候,报错如下: Failed to connect to VMware Lookup Service https://vc-test.cebbank.com:7444/lookupservice/sdk - SSL certificate verification failed. 放狗搜了下和自己测了下,根据问题类型有如下两种解决方案,我先说下如何去获取错误的详细信息,然后再给大家分别上两个解决办法. 1.获取错误日志 VSphere服务器进入%TEM

https://IP:7444/lookupservice/sdk - SSL certificate verification failed.

问题:版本vcsa5.5,用vsphere web client登陆的时候报错:Failed to connect to VMware Lookup Service https://IP:7444/lookupservice/sdk - SSL certificate verification failed. 解决办法:登陆vcsa配置网页:默认账号密码:root/vmware 另外一个:[email protected]/vmware 登陆网址:https://<host-name>:548

svn: E230001: Server SSL certificate verification failed

TortoiseSvn是好的 命令行svn 的时候 有问题 ,也加了--no-auth-cache --non-interactive参数 svn list 地址 选下p 就好. http://stackoverflow.com/questions/3147660/server-certificate-verification-failed-issuer-is-not-trusted

in `connect&#39;: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)

最近在用ruby的一些库的时候,总是出现这个错误. 在使用net/imap库的时候,或者net/http库(主要是用到了https,https是用了ssl) 的时候,具体如下: 错误提示:E:/Ruby200/lib/ruby/2.0.0/net/imap.rb:1454:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (Op

Rails 之微信开发 : OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

微信公众平台,使用Ruby On Rails + Win7 在取得OpenID时,如果简单的使用http.get方法,会出现如下 SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed 解决方案: def get_open_id code    url="https://api.weixin.qq.com/sns/oauth2/access_token?appi

facebook graph api 报错SSLError(1, u&#39;[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:661)&#39;)

使用facebook graph api,报错如下 一开始以为是https证书验证失败,查了一下午源码,没有看到问题,于是把Python27\lib\site-packages\requests\adapters.py文件的如下位置异常处理注释掉了,看看异常到底从哪来的 def send(self, request, stream=False, timeout=None, verify=True, cert=None, proxies=None): """Sends Prep

SSH登录失败:Host key verification failed

转载自:https://help.aliyun.com/knowledge_detail/41471.html 注意:本文相关 Linux 配置及说明已在 CentOS 6.5 64 位操作系统中进行过测试.其它类型及版本操作系统配置可能有所差异,具体情况请参阅相应操作系统官方文档. 问题描述 使用 SSH 登录云服务器 ECS (Elastic Compute Server) Linux 服务器时,出现类似如下错误信息,导致无法正常连接. Linux 环境连接报错信息: @@@@@@@@@@@