Project

General

Profile

Actions

Feature #4269

open

Allow ca_path option for reposman.rb to validate peer certificate

Added by digi byte almost 15 years ago. Updated almost 15 years ago.

Status:
New
Priority:
Low
Assignee:
-
Category:
-
Target version:
-
Start date:
2009-11-23
Due date:
% Done:

0%

Estimated time:
Resolution:

Description

I use the following command for automatic SVN repository creation:

ruby /opt/redmine/extra/svn/reposman.rb --redmine https://localhost/redmine --svn-dir /var/svn --owner www-data --url file:///var/svn/ >> /var/log/redmine-reposman.log

I get this warning twice during the execution:

warning: peer certificate won't be verified in this SSL session

When replacing 'https://localhost/redmine' to 'http://localhost/redmine' the warning disappears. How can the peer certificate be verified (I have a valid certificate, so this must be possible)? Or how can the peer verification be skipped (if redmine is only accessible on https)?

Thank you for looking into this issue.

Regards,
Pieter

Actions #1

Updated by Jean-Philippe Lang almost 15 years ago

This warning is issued by ruby. A trusted CA cert must be available locally to verify the peer certificate.
But reposman does not currently offer this option.

Actions #2

Updated by Jean-Philippe Lang almost 15 years ago

  • Subject changed from Repository management: warning when Redmine is on https to Allow ca_path option for reposman.rb to validate peer certificate
  • Priority changed from Normal to Low
Actions #3

Updated by Jean-Philippe Lang almost 15 years ago

  • Tracker changed from Defect to Feature
Actions #4

Updated by digi byte almost 15 years ago

I solved my problem by creating a new file: redmine/extra/svn/soap/property
This is the content of the property file:

client.protocol.http.ssl_config.ca_file=/etc/apache2/ssl/ca.pem

Where you can of course change the path to the corresponding CA certificate.
I also had to execute this command to add SSL support: gem install httpclient
I hope this can be interesting for other people using Redmine. Issue can be closed for me.

Regards,
Pieter

Actions

Also available in: Atom PDF