svn Error validating server certificate

Question

If I use any svn command communicating with the remote server I get the following error:

Error validating server certificate for 'https://...':
 - The certificate is not issued by a trusted authority. Use the
   fingerprint to validate the certificate manually!
Certificate information:
 - Hostname: ...
 - Valid: from Wed, 01 Sep 2010 08:25:36 GMT until Thu, 06 Oct 2011 08:25:36 GMT
 - Issuer: ...
 - Fingerprint: ...
(R)eject, accept (t)emporarily or accept (p)ermanently?

If I hit permanently I can run the command properly. But on the next svn command I get the same question and have to confirm again! Why doesn't svn save my choice permanently? How can I solve this problem?

Thanks for any help!

If you hit permanently then svn does cache the certifcate information in the same place where it stores your username/password information. And it won't ask you next time to confirm the certificate until its cached. — Hameedullah Khan, May 24 '11 at 18:43
but svn asks me the same stuff again! so it does not cache it? — Alex, May 24 '11 at 18:49

score 47 · Answer 1 · answered Jul 16 '12 at 16:50

47

Fix (for Unix):

svn.ssl.server is on ~/.subversion/auth

Change Owner recursively on ~/.subversion/auth or delete:
delete - ~/.subversion/auth/svn.ssl.server
owner - chown -R $USER ~/.subversion/auth
Open the command prompt and run svn list https:...
Accept certficate permanently by entering p.

Have Fun !

answered Jul 16 '12 at 16:50

Lifely

1,035
12
22

1

Note that if you have a remote mounted drive it's possible that it can look like you're the owner of the file, if the remote system has the same username. This will prevent the above from working until you log in to the remote box itself. Well it fooled me for a while, hope it helps someone else. – James Bradbury Jul 18 '13 at 10:12
what does "..." in 'svn list https:..." mean? the actual repo url? – galactica Oct 07 '14 at 15:04
I tried with the repository url, but still can't do svn up afterwards: the error validating message still popped up. – galactica Oct 07 '14 at 15:10
1

I have followed above instructions step by step and it worked on Mac OSX El Capitan. Yes, galactica. He means repository URL by "svn list https:...". – csonuryilmaz Dec 12 '15 at 10:29
this thing works for university svn repositories! thanks for the help. – Aly Shmahell Dec 17 '16 at 17:53

score 43 · Accepted Answer · answered Jul 19 '11 at 03:52

43

Search for the folder named "svn.ssl.server" (it exists for windows and *NIX servers) and delete it. You may be asked one more time to save the key but then it should stop asking after that point.

answered Jul 19 '11 at 03:52

cixelsyd

938
10
12

score 30 · Answer 3 · edited Dec 12 '11 at 17:14

30

Fix (for Windows):

Delete C:\Users\"USERNAME"\AppData\Roaming\Subversion\auth\svn.ssl.server
Open the command prompt and run svn list https:...
Accept certficate permanently by entering p.

edited Dec 12 '11 at 17:14

Chris Cashwell

22,308
13
63
94

answered Dec 12 '11 at 16:20

Charan

301
3
2

This also solved, the same problem using svnkit in eclipse – jpprade Jul 20 '15 at 09:01

score 9 · Answer 4 · answered Mar 27 '13 at 16:01

9

Probably not suitable for all users but is okay for me and worked:

I edited in the ~/.subversion/servers the following line:

[global]
ssl-trust-default-ca = no

to

[global]
ssl-trust-default-ca = yes

answered Mar 27 '13 at 16:01

Stephen

91
1
1

score 6 · Answer 5 · answered Feb 01 '17 at 08:50

6

Solution for SSL Certificate Error Message on SVNX

For Windows User:

Open the command prompt and run svn list https://Your-Link-Goes-Here/
List item Accept certificate permanently by entering p

For Mac User:

Open the Terminal and Execute this command svn list https://Your-Link-Goes-Here/
Accept the Certificate Permanently by entering p

Note: For Mac Users make sure your Certificate is already added in Keychain Access

Hope this Helps Someone.

answered Feb 01 '17 at 08:50

user344293

111
1
7

@Umair are you a Mac or Windows User? – user344293 Jun 06 '17 at 08:28
windows , particularly w7 – Umair Jun 07 '17 at 06:28

score 5 · Answer 6 · edited Jun 27 '13 at 22:01

5

Doing chmod 644 ~/.subversion/auth/svn.ssl.server/* is simplest for unix users and is best if you connect to multiple servers.

edited Jun 27 '13 at 22:01

hopper

13,060
7
49
53

answered Jun 27 '13 at 21:38

Timothy C. Lethbridge

339
2
3

i'm a unix user and verified that this trick didn't work for me. BTW, I have two files under ~/.subversion/auth/svn.ssl.server/, (using OpenSSH_5.3p1 on CentOS) – galactica Oct 06 '14 at 21:59

score 3 · Answer 7 · answered Mar 19 '14 at 07:50

SVN is smart enough to infer that you didn't actually bother verifying that the fingerprint matches.

Ahem.

But in all seriousness, https://sourceforge.net/apps/trac/sourceforge/wiki/Subversion#ServerCertificateVerificationFailed notes that you should open the project url in a trusted browser to check you're not being MITM'ed (should work for non-sourceforge too), e.g. you can try checking that you get the same fingerprint through Tor.

score 3 · Answer 8 · edited May 13 '15 at 06:48

3

chmod -R 775 ~/.subversion/auth may also be needed.

edited May 13 '15 at 06:48

Infinite Recursion

6,511
28
39
51

answered Mar 26 '14 at 06:42

hellowangit

61
7

svn Error validating server certificate

8 Answers8

Linked