SVN SSL Certificate Validation Error
I am running RedHat Enterprise Linux 6 and have a subversion server installed (with Apache). I have just configured Apache to run HTTPS with an SSL Certificate from Geotrust. The Apache part of things is running fine (I can access my site via HTTPS without warnings or issues).
However, when I run an svn co https://myserver.com/svn/proj_name, I get the following error:
Error validating server certificate for 'https://myserver.com:443':
- The certificate is not issued by a trusted authority. Use the
fingerprint to validate the certificate manually!
Certificate information:
- Hostname: myserver.com
- Valid: from Sun, 23 Oct 2011 16:15:13 GMT until Thu, 25 Oct 2012 05:38:36 GMT
- Issuer: GeoTrust, Inc., US
- Fingerprint: (some fingerprint)
(R)eject, accept (t)emporarily or accept (p)ermanently?
Also, I have in my subversion "servers" configuration file:
[global]
ssl-authority-files=/usr/share/certs/GeoTrust_Primary_CA.pem;
ssl-trust-default-ca = true
But when I attempt to access subversion, I find this in the error log:
svn: Invalid config: unable to load certificate file '/usr/share/certs/GeoTrust_Primary_CA.pem'
Everyone has read access to this file - and I downloaded it straight from GeoTrust's website. Is there something I'm missing?
Most likely, something is wrong with the certificate file. You can check it with:
openssl x509 -text < /usr/share/certs/GeoTrust_Primary_CA.pem
The output should include:
Version: 3 (0x2)
Serial Number:
18:ac:b5:6a:fd:69:b6:15:3a:63:6c:af:da:fa:c4:a1
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
Validity
Not Before: Nov 27 00:00:00 2006 GMT
Not After : Jul 16 23:59:59 2036 GMT
Subject: C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
Subject Public Key Info:
or
md5sum /usr/share/certs/GeoTrust_Primary_CA.pem
The output should be: 55a9909182b959dcbb00c550725bcdf2 GeoTrust_Primary_CA.pem