I use sourcerepo.com as SVN server. My XCode5 bot complains : error validating server certificate for "https://myproject.sourcerepo.com:443"
- the certificate is not issued by a trusted authority. Use the fingerprint etc....
How can I make my XCode Server accept this svn server and retrieve sources ?
thanks for your advice
Frank
Verify why the certificate is untrusted. (E.g., is it a self-signed certificate?)
Start Terminal and run svn info https://myproject.sourcerepo.com:443/<path-to-repository>. Accept the certificate permanently when prompted.
I found a way to make it work from the Xcode 5 release notes:
https://developer.apple.com/library/ios/releasenotes/developertools/rn-xcode/xc5_release_notes/xc5_release_notes.html
Communicating with a remote SVN repository over HTTPS can fail with an
error similar to “Error validating server certificate for server
name.” Edit the file
/Library/Server/Xcode/Config/xcsbuildd.plist
and change the TrustSelfSignedSSLCertificates key from false to true.
Then, from a Terminal window, run:
sudo killall xcsbuildd
I did exactly the above. To edit the file you actually need to
sudo vi /Library/Server/Xcode/Config/xcsbuildd.plist
After restarting the build daemon I was able to get my Xcode bot to checkout the sources from the remote repository and perform the integration. Hope this helps!
Related
I am hosting my IdentityServer, Web API and MVC client apps all with IIS server, under HTTPS. When I run the my MVC client I get the following error back (note - 6009 is the port of my MVC client and 6005 is the port of my IdentityServer):
I am using IIS Express Development Certificate for all projects when I configure them in IIS:
and I copied the certificate from the personal store to the trusted root as the following:
and here is the details of the cert:
what else am I missing here?
You can refer to the official link,and try the commands in it.
dotnet dev-certs https --clean
dotnet dev-certs https --trust
For me, neither dotnet dev-certs https --clean/trust nor manually cleaning the Windows certificate stores worked out.
Since I was using Docker and Kestrel (instead of ISS), for some reason, it was using outdated certificates located under: C:\Users\<user>\AppData\Roaming\ASP.NET\Https\<project-name>.pfx The dotnet dev-certs https --clean command did not clean up the certificates in this directory.
After cleaning the certificates in this directory, everything worked again. I'm aware that your problem is already resolved, but since this is a common issue I figured I would also post my solution here.
Related issue about why the clean command does not clean these certs can be found here: https://github.com/dotnet/aspnetcore/issues/15357
I'm try to use Heroku CLI.
But when I want to do some commamd like:
heroku login, heroku log, etc.
The below error will show
SELF_SIGNED_CERT_IN_CHAIN self signed certificate in certificate chain
How can I sovled it?
I had the same issue however this helped me:
Verify your proxy export
export NO_PROXY='localhost,localnets, <company proxy IP settings>
Then verifying my companies .pem file stored in my user directory:
export NODE_EXTRA_CA_CERTS=~/.ssh/bc.pem
(or wherever you store it.)
Then try
heroku login
Its moreover related to security and firewall settings over machine and network.
If you are in secure network, try to connect over proxies / public network, then you can able to run heroku commands.
Or manually acquire SSL/TLS certificate on machine. Kindly refer to this link
I am facing an issue while sending request to server for push notification. While trying to connect to apple server we are getting the following response,
ApnsPHP[15748]: INFO: Trying ssl://gateway.sandbox.push.apple.com:2195... Tue, 15 Jan 2013 08:20:28 +0100 ApnsPHP[15748]: ERROR: Unable to connect to 'ssl://gateway.sandbox.push.apple.com:2195': Permission denied (13)
We checked the server settings and the server is not blocking any out going requests. We created the p12 certificate as per the guidelines by apple, and we are converting it to .pem by executing following shell command in the server.
openssl pkcs12 -in HSPushNopassword.p12 -out HSPushNopassword.pem -nodes -clcerts
And the same code and certificate is working fine in another server.
Please let me know why we are getting this error? Thanks,
There is a better solution than disabling SELinux completely. The problem is that on most SELinux systems (as RedHat, which I am using) HTTPD is not allowed to create network connections.
You can use this command to enable it:
setsebool -P httpd_can_network_connect=1
-P for permanent setting.
I hope it helps, though this thread is accepted
I sorted it out. Yes, the problem was the server, but it was likely due to when they had root and reloaded things. In a nutshell, there is a very restrictive security system called 'selinux'. So I disabled that, and set the config so it stays off after reboot. And the push notification is working fine now.
Until now I'm using SmartSVN to access our https-protected repository smoothly. SmartSVN simply asked for my certificate and the passphrase and was happy.
Now I want automatic update and commit and hence try EasySVN which is a TortoiseSVN-derivate. Unfortunately, it does not ask me for my credentials and just fails with "No certificates available".
When I try to perform an update on command line SVN, it asks me for the certificate and passphrase (why TortoiseSVN can't do that?), but fails:
E:\test>svn update
Updating '.':
Authentication realm: https://ourserver:8888
Client certificate filename: e:\path\to\my\certificate.p12
svn: E175002: Unable to connect to a repository at URL 'https://ourserver:8888/svn/my/checked/out/path'
svn: E175002: OPTIONS of 'https://ourserver:8888/svn/my/checked/out/path': SSL handshake failed: Secure connection truncated (https://ourserver:8888)
This page tells you where to store a cert for TortoiseSVN, but it seems there's an issue with this in EasySVN, there's a ticket here (hasn't been updated in a while though)
Recently Mercurial has added certificate validation when connecting to HTTPS servers. I'm trying to clone the wiki repository for a Google Code project at https://wiki.droidweight.googlecode.com/hg/, but the certificate is for *.googlecode.com.
Google Code's certificate does not cover multiple subdomains like *.*.googlecode.com.
I'm getting the error:
% hg clone --verbose https://wiki.droidweight.googlecode.com/hg/ -- C:\workspace\wiki
abort: wiki.droidweight.googlecode.com certificate error: certificate is for *.googlecode.com, googlecode.com, *.codespot.com, *.googlesource.com, googlesource.com (use --insecure to connect insecurely)
I need to get the certificate fingerprint. This SO answer says how to do it on *nix.
How would one get the fingerprint on Windows 7 (Home Premium)?
References:
Open issue on Google Code's support site.
Mercurial CA Certificates FAQ.
Which version of Mercurial are you using? 1.8.2 prints the fingerprint when you clone, as per the documentation.
EDIT: After some testing, I realised that Mercurial prints the certificate when you connect insecurely (I don't have web.cacerts configured, so cloning always succeeded, though with a warning). So if you pass --insecure to your hg clone, you'll get a clone and a fingerprint.
Alternatively, install GnuWin32! It makes the Windows command line a fun place to be :) (I have no affiliation with GnuWin32; just hugely appreciative.)