[ET Trac] [Einstein Toolkit] #1812: GetComponents needs to come with (a selected few) trusted certificates
Einstein Toolkit
trac-noreply at einsteintoolkit.org
Tue Sep 1 10:27:44 CDT 2015
#1812: GetComponents needs to come with (a selected few) trusted certificates
----------------------------+-----------------------------------------------
Reporter: knarf | Owner:
Type: enhancement | Status: new
Priority: minor | Milestone:
Component: GetComponents | Version: development version
Resolution: | Keywords:
----------------------------+-----------------------------------------------
Comment (by rhaas):
This can be a bit dangerous in case this happens on a user's workstation
and they later run svn directly on the command line (eg svn update) and
then receive the svn error message. We should output some information that
a certificate file was created along with instructions for users to use
it.
Instead of an svn option you can set the SSL_CERT_FILE environment
variable (in GetComponents before calling svn) and point it to the proper
file (works on OSX's svn 1.7 and 1.8 from macports and on my linux
workstation). Git supports a sslcainfo option in the http section of its
config file so at least for git we can try and see if it allows the system
certificates to be supplemented by the ones GetComponents provided on a
per repository basis.
The alternative (which I'd prefer) would of course be to get a ssl
certificate from a common/old enough root authority that is supported by
all systems we care about.
--
Ticket URL: <https://trac.einsteintoolkit.org/ticket/1812#comment:2>
Einstein Toolkit <http://einsteintoolkit.org>
The Einstein Toolkit
More information about the Trac
mailing list