My Subversion repository is available over HTTPS. I've got a self-signed CA root certificate, and the server uses a certificate signed with that.
The CA root certificate is stored in Trusted Root Certification Authorities
, which means that (for example) Internet Explorer recognises it.
AnkhSVN, on the other hand, reports "There are some problems with this server's certificate". So: what is AnkhSVN using as its certificate store? It doesn't appear to be the Windows one. And how do I put my CA root certificate in there?
Update: My website is secured with a certificate named 'www.example.com', the parent certificate is 'ca.example.com', which is self-signed. 'ca.example.com' is in the Trusted Root Authorities store. When I browse to https://www.example.com/svn/, IE shows the padlock icon, and the certification path looks good. When I point AnkhSVN at the same place (by using File / Subversion / Open from Subversion), it brings up the warning message.
The SVN command line doesn't complain.
Note: I haven't tried it with TortoiseSVN yet.
On a hunch that it might be Windows' WebDAV client, I checked with Word. It works fine. The Windows 7 "Add Network Location" feature accepts the certificate, prompts for my credentials and then doe开发者_Python百科sn't work (but that's a known problem with WebDAV over HTTPS in Windows).
The most likely cause is that your certificate chain does not verify or cannot be checked.
To verify, using IE8:
- Click the padlock icon to the right of the address bar
- Click "View Certificates"
- Go to certification path
- Check that all certs here report "OK"
精彩评论