-----END CERTIFICATE----- 3 s:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority -----BEGIN CERTIFICATE----- ...-----END CERTIFICATE----- --- Server certificate subject=/OU=Domain Control Validated/CN=*.issuer=/C=US/ST=Arizona/L=Scottsdale/O=Go Daddy.com, Inc./OU= Daddy Secure Certificate Authority - G2 --- No client certificate CA names sent --- SSL handshake has read 4910 bytes and written 468 bytes --- New, TLSv1/SSLv3, Cipher is AES128-SHA Server public key is 2048 bit SSL-Session: Protocol : TLSv1 Cipher : AES128-SHA ...only: depending on the Open SSL versions and builds you use it might 'reject' the cert even though the CA root is in the local truststore; see SSL Root CA certificate is not recognized, although present in the trust store. I just updated the certificate on one of my sites due to the old one expiring.The new certificate verifies fine in Internet Explorer 9, Chrome, and Firefox 4 - but when trying to browse/check out the repository with Tortoise SVN, I get the following error: Error validating server certificate for https://com:443: Unknown certificate issuer.Fingerprint: 96:b3:fa:19:bd:4a:ec:c2:bc::b:2a:0a::07:d0 Distinguished name: (c) 2009 Entrust, Inc., is incorporated by reference, Entrust, Inc., US Do you want to proceed?On one, it didn't have svn installed, but [~]# openssl version Open SSL 1.0.1e-fips [~]# svn --version svn, version 1.7.4 (r1295709) compiled Apr 5 2012, [~]# openssl s_client -connect subversion.assembla.com:443 -showcerts CONNECTED(00000003) depth=3 C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority verify return:1 depth=2 C = US, ST = Arizona, L = Scottsdale, O = "Go Daddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2 verify return:1 depth=1 C = US, ST = Arizona, L = Scottsdale, O = "Go Daddy.com, Inc.", OU = CN = Go Daddy Secure Certificate Authority - G2 verify return:1 depth=0 OU = Domain Control Validated, CN = *.verify return:1 --- Certificate chain 0 s:/OU=Domain Control Validated/CN=*.i:/C=US/ST=Arizona/L=Scottsdale/O=Go Daddy.com, Inc./OU= Daddy Secure Certificate Authority - G2 -----BEGIN CERTIFICATE----- ...-----END CERTIFICATE----- 1 s:/C=US/ST=Arizona/L=Scottsdale/O=Go Daddy.com, Inc./OU= Daddy Secure Certificate Authority - G2 i:/C=US/ST=Arizona/L=Scottsdale/O=Go Daddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2 -----BEGIN CERTIFICATE----- ... 0050 - db ae c3 91 e4 fb fb 88-aa e3 f5 e1 bd bd 02 c8 ................ 0070 - a9 ba 31 23 b2 bf 6e 92-05 c3 35 ce 93 5f 2f 2e ..1#..n...5.._/. 0090 - 38 b6 e5 78 c0 af f8 12-ca 32 03 15 e2 a9 2a 4e 8..x.....2....*N 00a0 - ec 62 6b 71 c1 dd 66 4a-96 1b f2 e9 e2 5d 86 96 .f J.....]..
good questions to ask on online dating sites
Over the course of time, I've meandered through other stackexchange answers, which have pointed me to things like downloading from se and adding that to ssl-authority-files: when I try that, I get: svn: E125009: Unable to connect to a repository at URL 'https://subversion.assembla.com/svn/[..repo path...]' svn: E125009: Invalid config: unable to load certificate file '/users/jonespet/.subversion/auth/ssl.certs/cacerts.pem' I took the back out, because it made things even worse, not better.It may be trying to cache to the Keychain, in which case you should try unlocking your keychain and doing an 'svn up' in one of stacks that is versioned with svn.Repeated attempts to 'svn up' in the same directory shouldn't ask you to accept the certificate any more.I keep having to validate the server certificate over and over again.
I keep hitting (p) for permanently, but it doesn't seem to remember. Now, to be clear, I eventually am able to download all of ROS (and with major modifications) get it up and running on OSX Lion.
On the other hand, it may be trying to cache to ~/.subversion/auth/ , in which case you should make sure that directory exists and that your user has write permissions to it.