Today's Question:  What does your personal desk look like?        GIVE A SHOUT

Resolving SVN error "Error validating server certificate for..."

  sonic0002        2016-06-27 07:36:49       20,038        2    

When using SVN to connect secure server, the server needs to send its certificate to the client for verification. In some cases, the certificate sent by the server is not a trusted certificate, the client may choose to trust the certificate if the server is target server for sure. 

But users may get "Error validating server certificate for 'https://...'" the next time when they try to connect to the same secure server even if they specified "p" the first time when they are prompted to accept the server certificate.

Error validating server certificate for 'https://example.com':
 - The certificate is not issued by a trusted authority. Use the
   fingerprint to validate the certificate manually!
Certificate information:
 - Hostname: ...
 - Valid: from Wed, 01 Sep 2010 08:25:36 GMT until Thu, 06 Oct 2011 08:25:36 GMT
 - Issuer: ...
 - Fingerprint: ...
(R)eject, accept (t)emporarily or accept (p)ermanently? p

The reason why this happens is usually that the server certificate cache is not updated even if the "p" is specified. To resolve the issue, please follow below steps :

  1. Find the directory svn.ssl.server. On Windows, this directory is located at C:\Users\[USERNAME]\AppData\Roaming\Subversion\auth\, on *nix, the directoryis located at ~/.subversion/auth
  2. Back up the svn.ssl.server directory(rename it to some other name)
  3. Delete the svn.ssl.server directory
  4. Trying to connect to the server again, this time, you may be prompted to accept the certificate again. Specify "p" and continue
  5. The next time when you connect to the same secure server, you should not be prompted to specify any option anymore
  6. If above is not working, please try to back up and delete C:\Users\[USERNAME]\AppData\Roaming\Subversion\auth and try again

The svn.ssl.server contains the cached server certificates. When specifying the "p" option, this directory may not be updated correctly, hence it may need to be manually cleared.

SSL  SVN  SVN.SSL.SERVER 

Share on Facebook  Share on Twitter  Share on Weibo  Share on Reddit 

  RELATED


  2 COMMENTS


Anonymous [Reply]@ 2016-09-16 03:52:39

Hi, I have tried deleting both directories, but still its not working.

Anonymous [Reply]@ 2021-03-03 15:27:51
just add 
--trust-server-cert-failures="other,unknown-ca,cn-mistmatch,expired"