SVN - Server SSL certificate untrusted from post-commit hook

Question

I'm trying to create a post-commit.bat script so that every time someone commits, a working copy automatically updates. This is my post-commit.bat:

"C:\Program Files\TortoiseSVN\bin\svn.exe" update C:\Temp\PROD --non-interactive --trust-server-cert --username admin --password myPassword

This is the error message I'm getting:

svn: E230001: Unable to connect to a repository at URL
'https://svn.mydomain.com/svn/prod/trunk'
svn: E230001: Server SSL certificate untrusted

It looks like the --trust-server-cert option is ignored for some reason. Interestingly, calling the batch file from cmd window works fine.

I'm using Subversion Edge server and TortoiseSVN client on Windows Server 2008.

Anybody has any ideas what I'm doing wrong? Any help would be appreciated.

LEC

I have similar issue. I tried to call batch file from Jenkins with svn command. The same result as you described. And it also works fine from command line — sergtk
– sergtk, Commented Aug 25, 2013 at 21:01

ZoolWay · Accepted Answer · 2013-10-30 19:46:53Z

3

In my case (SVN client 1.8.1) the --trust-server-cert flag did also not work. After finding this http://mail-archives.apache.org/mod_mbox/subversion-users/201308.mbox/%3CCABw-3Ye6rk-zwjM7jZL-zPvSDDeH=+1ebH9O0e5163rZETOG9A@mail.gmail.com%3E I upgraded to SVN 1.8.4 and the script works well. The --trust-server-cert flag is fixed.

answered Oct 30, 2013 at 19:46

ZoolWay

5,5556 gold badges44 silver badges84 bronze badges

Sign up to request clarification or add additional context in comments.

1 Comment

ZoolWay Over a year ago

No, the client can update fine while not used of course. I updated just the svn client binaries the script on the server uses - not the server itself.

Community · Accepted Answer · 2017-03-20 10:18:16Z

2

I have fixed this by issuing new certificate with Common Name (CN) equal to server name.

I was able to use certificate with CN server name mismatch from browsers (with warnings) and svn command line. But was not able to use certificate within batch file which is called from Jenkins.

I use SVN client 1.8.1 under Win32.

I have also tried before, but it does not helped:

--trust-server-cert svn client command line parameter. It does not resolve the issue alone, but it might be required. (More info at http://svnbook.red-bean.com/en/1.7/svn.ref.svn.html)
Install CA cert to my Windows host (More info at Trust SSL certificate to local system account)
Provide CA cert for SVN client in file C:\Users\{username}\AppData\Roaming\Subversion\servers, key ssl-authority-files (More info at SVN 1.7 Quickstart Guide for Windows)

edited Mar 20, 2017 at 10:18

CommunityBot

11 silver badge

answered Aug 27, 2013 at 9:22

sergtk

11k15 gold badges79 silver badges133 bronze badges

1 Comment

Florian Winter Over a year ago

Don't use --trust-server-cert, as it will basically render encryption useless by making man-in-the-middle attacks possible. The remaining steps seem solid, though.

Collectives™ on Stack Overflow

SVN - Server SSL certificate untrusted from post-commit hook

2 Answers 2

1 Comment

1 Comment

Your Answer

Hot Network Questions

Collectives™ on Stack Overflow

2 Answers 2

1 Comment

1 Comment

Your Answer

Sign up or log in

Post as a guest

Related