Until now I'm using SmartSVN to access our https-protected repository smoothly. SmartSVN simply asked for my certificate and the passphrase and was happy.
Now I want automatic update and commit and hence try EasySVN which is a TortoiseSVN-derivate. Unfortunately, it does not ask me for my credentials and just fails with "No certificates available".
When I try to perform an update on command line SVN, it asks me for the certificate and passphrase (why TortoiseSVN can't do that?), but fails:
E:\test>svn update
Updating '.':
Authentication realm: https://ourserver:8888
Client certificate filename: e:\path\to\my\certificate.p12
svn: E175002: Unable to connect to a repository at URL 'https://ourserver:8888/svn/my/checked/out/path'
svn: E175002: OPTIONS of 'https://ourserver:8888/svn/my/checked/out/path': SSL handshake failed: Secure connection truncated (https://ourserver:8888)
This page tells you where to store a cert for TortoiseSVN, but it seems there's an issue with this in EasySVN, there's a ticket here (hasn't been updated in a while though)
Related
What happens when I try to install something (pytorch for example) with pip:
'''Could not fetch URL https://pypi.tuna.tsinghua.edu.cn/simple/pytorch/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.tuna.tsinghua.edu.cn', port=443): Max retries exceeded with url: /simple/pytorch/ (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1129)'))) - skipping'''
One way to temporarily avoid this is seting the Use a Proxy Server switch to Off in the Windows Manual Proxy Setup section, but later it will be set back to On automatically.
So what's wrong with the pip or windows? or this Error is related to my vpn?
I think I found the reason!
The reason why the Use a Proxy Server switch automatically changes is my V2rayN had been closed abnormally, so its process continuously changes my settings. To fix this, I just restart V2rayN in administrator mode and quit so that it will manage proxy settings properly.
As to the SSLError, it is because the Proxy switch is on. So after I fix the switch I can use pip to install things again.
I try to checkout SVN but I face with this issue
svn: E175002: Unable to connect to a repository at URL 'https://abc.xyz/svn/def'
svn: E175002: Unexpected HTTP status 500 'Internal Server Error' on '/svn/def'
svn: E175002: Additional errors:
svn: E175002: OPTIONS request on '/svn/def' failed: 500 Internal Server Error
Info:
https://abc.xyz/svn/def is working well, I can connect by using web browser like safari/chrome. I also can checkout on other system like Ubuntu/Windows, but Mac.
The problem here is about the SSL certificate because that server is certificate self-signed and it worked with http before, I supposed.
That is an integrated SVN server with Redmine.
I've tried with svn co https://abc.xyz/svn/def --non-interactive --trust-server-cert but it wont work on my case.
The problem here is about the SSL certificate because that server is certificate self-signed
In any case, for such certs you must at least once
svn co https://abc.xyz/svn/def --non-interactive --trust-server-cert
or manipulate by ssl-trust-default-ca, ssl-authority-files from SVN's servers file
I am trying to install ros-hydro-genmsg, but encountered the following error.
---> Attempting to fetch 0.4.23-0.tar.gz from https://github.com/ros-gbp/genmsg-release/archive/release/hydro/genmsg/
DEBUG: Fetching distfile failed: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
When I manually go to that link in whatever browser, the file is downloaded immediately. When trying to download it through macports, it does not accept the certificate? I have put both "DigiCert High Assurance EV Root CA > SSL" and "GTE CyberTrust Global Root > SSL" to Always trust like suggested elsewhere, but that did not work either.
I use sourcerepo.com as SVN server. My XCode5 bot complains : error validating server certificate for "https://myproject.sourcerepo.com:443"
- the certificate is not issued by a trusted authority. Use the fingerprint etc....
How can I make my XCode Server accept this svn server and retrieve sources ?
thanks for your advice
Frank
Verify why the certificate is untrusted. (E.g., is it a self-signed certificate?)
Start Terminal and run svn info https://myproject.sourcerepo.com:443/<path-to-repository>. Accept the certificate permanently when prompted.
I found a way to make it work from the Xcode 5 release notes:
https://developer.apple.com/library/ios/releasenotes/developertools/rn-xcode/xc5_release_notes/xc5_release_notes.html
Communicating with a remote SVN repository over HTTPS can fail with an
error similar to “Error validating server certificate for server
name.” Edit the file
/Library/Server/Xcode/Config/xcsbuildd.plist
and change the TrustSelfSignedSSLCertificates key from false to true.
Then, from a Terminal window, run:
sudo killall xcsbuildd
I did exactly the above. To edit the file you actually need to
sudo vi /Library/Server/Xcode/Config/xcsbuildd.plist
After restarting the build daemon I was able to get my Xcode bot to checkout the sources from the remote repository and perform the integration. Hope this helps!
Recently Mercurial has added certificate validation when connecting to HTTPS servers. I'm trying to clone the wiki repository for a Google Code project at https://wiki.droidweight.googlecode.com/hg/, but the certificate is for *.googlecode.com.
Google Code's certificate does not cover multiple subdomains like *.*.googlecode.com.
I'm getting the error:
% hg clone --verbose https://wiki.droidweight.googlecode.com/hg/ -- C:\workspace\wiki
abort: wiki.droidweight.googlecode.com certificate error: certificate is for *.googlecode.com, googlecode.com, *.codespot.com, *.googlesource.com, googlesource.com (use --insecure to connect insecurely)
I need to get the certificate fingerprint. This SO answer says how to do it on *nix.
How would one get the fingerprint on Windows 7 (Home Premium)?
References:
Open issue on Google Code's support site.
Mercurial CA Certificates FAQ.
Which version of Mercurial are you using? 1.8.2 prints the fingerprint when you clone, as per the documentation.
EDIT: After some testing, I realised that Mercurial prints the certificate when you connect insecurely (I don't have web.cacerts configured, so cloning always succeeded, though with a warning). So if you pass --insecure to your hg clone, you'll get a clone and a fingerprint.
Alternatively, install GnuWin32! It makes the Windows command line a fun place to be :) (I have no affiliation with GnuWin32; just hugely appreciative.)