> PROPFIND request failed on '/svn/Superscout'
> PROPFIND of '/svn/Superscout': Server certificate verification
> failed: certificate issued for a different hostname, issuer is not
> trusted (https://XX.XX.XX.XX)
First, here's how to fix the situation:
1. Open Terminal (in Utilities, in Applications)
2. Type some svn command against your repository, say "svn ls https://82.100.10.110/svn/Superscout
"
3. You'll get a text prompt about the server's certificate, asking you
what to do
4. Type "p" (and return), meaning "permanently accept this certificate
anyway"
That answer will be saved away in a place that both the command line
"svn" and also SCPlugin will reuse.
Now, the explanation, in case you're curious:
You're accessing Subversion through the HTTP protocol, the same one
used by web browsers. This is probably the most common way to use SVN.
HTTP servers can, and often do, use an encrypted connection, called
"https". Subversion can do that, too, and that's what's going on here.
The encryption includes a "server certificate," a digital signature
that proves that the server you're talking to really is the one you
think it is. This is included because it is possible to arrange so
that connections you think are going to one computer actually go to
another. There's an attack called the "man in the middle," where some
bad person sets things up this way, then forwards messages back and
forth between you and the true server. Your web browser (or
Subversion) sends and receives exactly the packets it expects to, but
the "man in the middle" is reading everything. Unfortunately, there is
no way to detect or prevent this from the stream of messages alone.
The server certificate protects you against this, because the server
certificates are digitally signed by someone else. The idea is that
there should be a few signatories that you trust to do this, and you
can confirm that one of these signed a given server's certificate, and
hence you trust that it's the one you want. This is the same as
checking a person's driver's license: you trust the state to attest
who the person is; you've seen driver's licenses before and can spot a
phony (at least, if it's not too good a phony), and so having seen the
license, you can trust that the person is who they claim to be.
This process isn't working for you. The messages actually say there
are two problems:
- certificate issued for a different hostname
- issuer is not trusted
In the first problem: if I claim to be "Jack Repenning," and attempt
to prove that by showing you a license for "Fred Smithers," you'd be
more than a little suspicious, right? Same thing here. However, this
is probably because you told Subversion to contact "https://82.100.10.110
" -- that is, the server's "name" is 82.100.10.110. That's the host
*address*, but typically the server's actual certificate is for their
host *name*. If you try again, using "https://
server.superscout.co.uk" (or whatever the name actually is), this part
will probably go away. But maybe not: when I try to look up that
address in the global DNS name base, I don't get a reply. Probably
that address is internal to your company network, and so conceivably
you may not have DNS properly set up for it. Maybe that's why you used
an address rather than a name. At any rate, the procedure above will
reassure Subversion that this combination really is OK.
In the second problem: metaphorically, Subversion is saying "this
looks like a driver's license, but it's from some country I've never
heard of, how do I know whether it's a valid license from there?"
Actually, there's a good chance that this certificate is signed by one
of the standard authorities: there's a bug in OS X about the
installation of this information, as a result of which Subversion (and
SCPlugin) requires some extra configuration work in order to find the
list of trusted authorities. If you're going to be connecting to a
great many different servers, it might be worth your while to fix
this. That can be done, but until Apple fixes the bug it also means
you have to manually update it from time to time (about once a year),
which would be tiresome.
The procedure above works once for all time, for this one address. If
you only have to do it a few times, you're better off just doing it
than fixing the authority list. But if you want to fix up the list,
you can find the directions in the users@ list on scplugin. Or, just
ask there again, and someone will restate them, or point you to them.
-==-
Jack Repenning
jackrepenning at tigris dot org
Project Owner
SCPlugin
http://scplugin.tigris.org
"Subversion for the rest of OS X"
分享到:
相关推荐
NULL 博文链接:https://wuhuizhong.iteye.com/blog/1131339
jenkins发版报错Host key verification failed. jenkins发版报错Host key verification failed. jenkins发版报错Host key verification failed. jenkins发版报错Host key verification failed. jenkins发版报错Host ...
coursera 上的吴恩达的机器学习课程,octave4.0.0版本提交作业时会提示提交失败,只要将每个作业文件下的lib文件替换成本资源提供的lib即可。
用java swing写的批量上传组件。分享给大家一起学习,有不足的地方,大家一起完善。呵呵
title: Git提示Host key verification failed- 报错- 报错问题描述Git提示Host key verification f
apt update报错Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification.时可能用到
apt update报错Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification.可能用到
apt update报错Certificate verification failed: The certificate is NOT trusted. The certificate issuer is unknown. Could not handshake: Error in the certificate verification.时可能会用到
主要介绍了Jenkins Host key verification failed问题解决,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友可以参考下
证书验证系统旨在帮助阿富汗和卢旺达的雇主在招聘员工时无法检查文件的真实性,以确保给定的证书或学位是由真正知名的大学或学院颁发的。 该在线系统将仅使用一次性密码以更好地保护应用程序。
ESL DESIGN AND VERIFICATION: A PRESCRIPTION FOR ELECTRONIC SYSTEM-LEVEL METHODOLOGY 1 What Is ESL? 1 2 Taxonomy and Definitions for the Electronic System Level 11 3 Evolution of ESL Development 35 4 ...
Echosounder labview源文件,是.VI格式的文件,labview2018或更低版本可以正常打开,可正常仿真
让你不再为不能把DSP程序烧写进FLASH发愁
Introduction to Design Verification with VMM: A Quickstart Guide Introduction to Design Verification with VMM: A Quickstart Guide
A Roadmap for Formal Property Verification
FPGA验证的经典书籍英文版,主要讲systemverilog高级验证方法
Advanced Verification Techniques A SystemC Based Approach for Successful Tapeout.pdf很难找到的好电子书
FAILED: SemanticException org.apache.hadoop.hive.ql.metadata.HiveException: java.lang.RuntimeException: Unable to instantiate org.apache.hadoop.hive.ql.metadata.SessionHiveMetaStoreClient 解决方法 ...
SystemVerilog For Verification 2nd
selenium是开源的自动化web测试框架,基于c/s模式提供多语言支持(java,c,ruby,python,js、、)本资源为2016年10月发布的最新版本3.0