On Mon, Aug 13, 2012 at 9:28 AM, Philip Martin <philip.mar...@wandisco.com> wrote: > Daniel Shahaf <d...@daniel.shahaf.name> writes: > >> Johan Corveleyn wrote on Sat, Aug 11, 2012 at 22:11:22 +0200: >>> >>> Okay, I see there is an --ssl-cert option in svntest/main.py which >>> does the necessary stuff. It's just not exposed through win-tests.py. >> >> Someone must have added it while I wasn't looking... > > Me. subversion/tests/cmdline/davautocheck.sh does the relevant magic to > setup Apache if one uses: > > make davautocheck USE_SSL=1
Nice. I made a change (locally) to win-tests.py to also pass this option, but it doesn't seem to work properly. I created a CA certificate and signed a server cert with that. When I pass --ssl-cert=server.crt, it fails with: [[[ Error validating server certificate for 'https://localhost:443': - The certificate is not issued by a trusted authority. Use the fingerprint to validate the certificate manually! Certificate information: - Hostname: localhost - Valid: from Aug 13 00:26:09 2012 GMT until Aug 7 00:26:09 2032 GMT - Issuer: (null), Test, (null), Test, BE ((null)) - Fingerprint: C2:50:D1:2C:03:32:26:8B:04:97:16:4A:F0:BB:E5:27:1A:A8:46:40 (R)eject or accept (t)emporarily? ]]] Even though the cert is correctly put into a file in config\auth\svn.ssl.server. Is this normal? Is there something wrong with the issuer? Or is the only way to accept my certificate to also add "ssl-authority-files=/path/to/ca.crt" in the servers file from within main.py? See also dav-tests.log in attachment. -- Johan
dav-tests.log
Description: Binary data
