When attempting to sync a repo to a server or to your desktop you will receive an error if the certificate being used to protect the HTTPS repository URL is not issued by the proper authority. Many companies generate their own certificates for repository URL’s especially if the repository is primary used internally. In this example I was attempting to sync a repository using SVN to a folder on the desktop of my Macbook Pro running OSX Mountain Lion. Below I describe the error in more detail followed by resolution to the svn certificate error.
Error Attempting To Clone Repository Using SVN HTTPS URL:
- Alexs-MacBook-Pro:~ alex$ svn co HTTPS-SVN-REPOSITORY-URL-HERE --non-interactive --no-auth-cache --username THE-USERNAME-HERE --password THE-PASSWORD-HERE /Users/USERNAME-HERE/path/to/mirror/repo/to/
- svn: OPTIONS of 'HTTPS-SVN-REPOSITORY-URL-HERE': Server certificate verification failed: issuer is not trusted (HTTPS-CERTIFICATE-URL-HERE)
- Alexs-MacBook-Pro:~ alex$
In the above example output I changed various private information to all capital letters to represent what was there including HTTPS-SVN-REPOSITORY-URL-HERE, THE-USERNAME-HERE, THE-PASSWORD-HERE, USERNAME-HERE, and the path to where the repository was being cloned. In the output after the command was issued again the SVN URL is removed as well as the URL the SSL certificate was based upon. If you receive an error similar to the above you simply need to permanently accept the certificate as shown below. Make sure that you are familiar with the repository itself and you trust the people managing it before you start accepting certificates from unknown people.
Use svn list To Permanently Accept SVN Repository SSL Certificate:
- Alexs-MacBook-Pro:~ alex$ svn list HTTPS-SVN-REPOSITORY-URL-HERE
- Error validating server certificate for 'HTTPS-CERTIFICATE-URL-HERE:443':
- - The certificate is not issued by a trusted authority. Use the
- fingerprint to validate the certificate manually!
- Certificate information:
- - Hostname: *.SOME-DOMAIN.com
- - Valid: from Thu, 09 Aug 2012 00:00:00 GMT until Tue, 13 Aug 2013 23:59:59 GMT
- - Issuer: Network Solutions L.L.C., US
- - Fingerprint: c2:32:ec:32:7f:84:5e:38:55:f1:f6:33:9c:ae:d4:77:9c:6b:c4:67
- (R)eject, accept (t)emporarily or accept (p)ermanently? p
- Authentication realm: <HTTPS-CERTIFICATE-URL-HERE:443> Subversion repository
- Password for 'alex':
- Authentication realm: <HTTPS-CERTIFICATE-URL-HERE:443> Subversion repository
- Username: svn: OPTIONS of 'HTTPS-SVN-REPOSITORY-URL-HERE': authorization failed: Could not authenticate to server: rejected Basic challenge (HTTPS-CERTIFICATE-URL-HERE)
- Alexs-MacBook-Pro:~ alex$
When accepting the certificate above I typed in a bogus username and password as the only purpose of the above was to permanently accept the SVN repo SSL certificate so I could clone the repo using the initial command without receiving a SSL certificate error. After permanently accepting the certificate you should be able to clone the SVN repository as shown in the below example.
Clone SSL SVN Repository After Accepting Certificate:
- Alexs-MacBook-Pro:~ alex$ svn co HTTPS-SVN-REPOSITORY-URL-HERE --non-interactive --no-auth-cache --username THE-USERNAME-HERE --password THE-PASSWORD-HERE /Users/alex/Desktop/ZYRTEC/meanstinks/
- A /Users/USERNAME/Desktop/path/to/repo/folder/folder1
- A /Users/USERNAME/Desktop/path/to/repo/folder/folder1/file1
- A /Users/USERNAME/Desktop/path/to/repo/folder/folder1/file2
- A /Users/USERNAME/Desktop/path/to/repo/folder/file3
- A /Users/USERNAME/Desktop/path/to/repo/folder/folder2
- A /Users/USERNAME/Desktop/path/to/repo/folder/folder2/file4
- .... CUT - ETC ....
Depending on how many files are in the repository it may take awhile to clone but you now have successfully cloned a SSL SVN repository. You should also not have any issues in the future updating the contents of the repo.