[Bug 272386] Re: subversion doesn't permanently accept certificates

Stefano Angeleri 272386 at bugs.launchpad.net
Mon Apr 30 05:05:14 UTC 2012 

It's fixed since then

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to subversion in Ubuntu.
https://bugs.launchpad.net/bugs/272386

Title:
  subversion doesn't permanently accept certificates

Status in “subversion” package in Ubuntu:
  Incomplete

Bug description:
  Binary package hint: subversion

  Since last update of subversion in hardy (from backports so
  1.5.1dfsg1-1ubuntu2~hardy1) subversion will always ask to accept
  reported "invalid certificates" for example from sourceforge (which is
  strange that it's using an invalid certificate). Not only this but
  also if allowing to accept it permanently this choice will be ignored
  and will be threated like if "accept temporarily" was chosen. This is
  extremely annoying because requires input each time i use sourceforge
  repositories (even for update).

  example of the error:

  Error validating server certificate for 'https://<aprojectname>.svn.sourceforge.net:443':
   - The certificate is not issued by a trusted authority. Use the
     fingerprint to validate the certificate manually!
  Certificate information:
   - Hostname: *.svn.sourceforge.net
   - Valid: from Tue, 09 Oct 2007 14:15:07 GMT until Mon, 08 Dec 2008 15:15:07 GMT
   - Issuer: US, Equifax, Equifax Secure Certificate Authority
   - Fingerprint: fb:75:6c:40:58:ae:21:8c:63:dd:1b:7b:6a:7d:bb:8c:74:36:e7:8a
  (R)eject, accept (t)emporarily or accept (p)ermanently? 

  this happens every time since the update to me.

  -----

  1) Description:	Ubuntu 8.04.1
  Release:	8.04

  2) subversion:
    Installed: 1.5.1dfsg1-1ubuntu2~hardy1
    Candidate: 1.5.1dfsg1-1ubuntu2~hardy1
    Version table:
   *** 1.5.1dfsg1-1ubuntu2~hardy1 0
          500 http://it.archive.ubuntu.com hardy-backports/main Packages
          100 /var/lib/dpkg/status
       1.4.6dfsg1-2ubuntu1 0
          500 http://it.archive.ubuntu.com hardy/main Packages

  3) there shouldn't be any request at all teorically as it's strange something like sourceforge is using a certificate from an untrusted autority. but at least the permanent accept should be allowed.
  4) it ignores the permanent accept of the certificate

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/subversion/+bug/272386/+subscriptions

More information about the foundations-bugs mailing list