You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by solo turn <so...@gmail.com> on 2004/09/10 18:00:44 UTC
old certificates
hi,
is there a possibility to accept old certificates forever? somehow it
is not userfriendly to ask all the time. the only possibilty i know is
to allow to store auth-creds, but this means storing passwords, which
is not desireable.
-solo.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: old certificates
Posted by Ben Collins-Sussman <su...@collab.net>.
On Fri, 2004-09-10 at 13:00, solo turn wrote:
> hi,
>
> is there a possibility to accept old certificates forever? somehow it
> is not userfriendly to ask all the time. the only possibilty i know is
> to allow to store auth-creds, but this means storing passwords, which
> is not desireable.
Are you using an ancient client? It should be asking that question
already:
$ svn ls https://svn.collab.net/repos/svn
Error validating server certificate for 'https://svn.collab.net:443':
- The certificate is not issued by a trusted authority. Use the
fingerprint to validate the certificate manually!
Certificate information:
- Hostname: svn.collab.net
- Valid: from Sep 22 21:21:47 2003 GMT until Sep 21 21:21:47 2007 GMT
- Issuer: CollabNet Chicago CA, Chicago, IL, US
- Fingerprint:
d9:2a:03:7d:82:b4:21:cb:97:6c:21:33:a8:13:1d:0f:ef:f2:21:39
(R)eject, accept (t)emporarily or accept (p)ermanently?
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: old certificates
Posted by Ben Collins-Sussman <su...@collab.net>.
On Fri, 2004-09-10 at 13:12, Tobias Ringström wrote:
> solo turn wrote:
>
> >hi,
> >
> >is there a possibility to accept old certificates forever? somehow it
> >is not userfriendly to ask all the time. the only possibilty i know is
> >to allow to store auth-creds, but this means storing passwords, which
> >is not desireable.
> >
> >
> 1.1 has (i.e. 1.1.0 will have) a store-passwords config option that you
> can set to no while keeping store-auth-creds set to yes. That will make
> it possible to avoid storing passwords without disabling the possibility
> to accept certificates permanently.
Whoops, I misunderstood. Now I understand exactly why we just merged
this new config option into 1.1.0-rc3. :-)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: old certificates
Posted by Tobias Ringström <to...@ringstrom.mine.nu>.
solo turn wrote:
>hi,
>
>is there a possibility to accept old certificates forever? somehow it
>is not userfriendly to ask all the time. the only possibilty i know is
>to allow to store auth-creds, but this means storing passwords, which
>is not desireable.
>
>
1.1 has (i.e. 1.1.0 will have) a store-passwords config option that you
can set to no while keeping store-auth-creds set to yes. That will make
it possible to avoid storing passwords without disabling the possibility
to accept certificates permanently.
/Tobias
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org