Skip to main content

Automated building, svn certificate gotcha

2 replies [Last post]
ken_gilmer
Offline
Joined: 2007-01-19

Hello, sorry this is more about SVN than pMEA but I have to ask. When I first check out pMEA sources on a new machine I get this friendly message:

Error validating server certificate for 'https://phoneme.dev.java.net:443':
- The certificate is not issued by a trusted authority. Use the
fingerprint to validate the certificate manually!
Certificate information:
- Hostname: *.dev.java.net
- Valid: from Mon, 07 Jul 2008 19:18:07 GMT until Sun, 06 Sep 2009 19:18:07 GMT
- Issuer: Equifax Secure Inc., US
- Fingerprint: 48:4a:7d:75:84:ba:cb:1d:ab:3f:d2:25:83:ec:7e:ec:3c:68:c6:a0
(R)eject, accept (t)emporarily or accept (p)ermanently?

Once I answer this question then it never come back up, but I'd prefer not to have to do this manually on each machine. Anyone know a way of bypassing this manual step?

TIA
ken

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Hinkmond Wong

phonemeadvanced@mobileandembedded.org wrote:
> Hello, sorry this is more about SVN than pMEA but I have to ask. When I first check out pMEA sources on a new machine I get this friendly message:
>
> Error validating server certificate for 'https://phoneme.dev.java.net:443':
> - The certificate is not issued by a trusted authority. Use the
> fingerprint to validate the certificate manually!
> Certificate information:
> - Hostname: *.dev.java.net
> - Valid: from Mon, 07 Jul 2008 19:18:07 GMT until Sun, 06 Sep 2009 19:18:07 GMT
> - Issuer: Equifax Secure Inc., US
> - Fingerprint: 48:4a:7d:75:84:ba:cb:1d:ab:3f:d2:25:83:ec:7e:ec:3c:68:c6:a0
> (R)eject, accept (t)emporarily or accept (p)ermanently?
>
> Once I answer this question then it never come back up, but I'd prefer not to have to do this manually on each machine. Anyone know a way of bypassing this manual step?
>

Hi Ken,

If you are using the same svn client 1.4.x on each machine, you can try
this:

1. On one of the machines, do the same svn command as above and manually
accept the certificate (p)ermanently, then copy that resulting
fingerprint file that you find that contains the word "phoneme", in your
home directory named ${HOME}/.subversion/auth/svn.ssl.server/*

Ex. (this is how I found my fingerprint file after doing the above for
the phoneme repo):

grep -i phone ${HOME}/.subversion/auth/svn.ssl.server/*

fadf2b68678ec1203d4eb7d7c9c24e8c:https://phoneme.dev.java.net:443
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

(So, on my machine that fingerprint file is named:
~/.subversion/auth/svn.ssl.server/fadf2b68678ec1203d4eb7d7c9c24e8c )

2. Copy that fingerprint file over to your other machines into the same
subversion subdir under each home directory:

cp fadf2b68678ec1203d4eb7d7c9c24e8c ${HOME}/.subversion/auth/svn.ssl.server

3. Try running the same svn command as in step #1 (now on your new machine):

Ex.

svn ls --username=ken_gilmer --password=foobar
https://phoneme.dev.java.net/svn/phoneme/components/tools/trunk

Let me know if the above still gives you problems.

Hinkmond

---------------------------------------------------------------------
To unsubscribe, e-mail: advanced-unsubscribe@phoneme.dev.java.net
For additional commands, e-mail: advanced-help@phoneme.dev.java.net

ken_gilmer
Offline
Joined: 2007-01-19

Thanks Hinkmond, I'll give that a shot.