svn checkout 이나 commit 하려고 할 때 SSL Certificate 관련된 오류가 발생할 때가 있다.

svn: E170013: Commit failed (details follow):
svn: E170013: Unable to connect to a repository at URL 'https://xxx.yyy.zzz.ddd/svn/trunk'
svn: E230001: Server SSL certificate verification failed: certificate issued for a different hostname

내부, 외부 ip 가 있고 내부에는 hostname 으로 접근 가능하게 설정했는데 외부에서 public ip 로 접근하려고 해서 발생했었다.

Error validating server certificate for 'https://xxx.yyy.zzz.ddd:ppp':
 - The certificate is not issued by a trusted authority. Use the
 fingerprint to validate the certificate manually!
 - The certificate hostname does not match.
 Certificate information:
 - Hostname: 
hostname.domain
 - Valid: from Jul 19 07:18:37 2021 GMT until Jul 17 07:18:37 2031 GMT
 - Issuer: 
hostname.domain
 - Fingerprint: FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF:FF
 (R)eject, accept (t)emporarily or accept (p)ermanently?

interative mode 에서는 입력창에 p 를 입력해 accept 하면 되는데 jenkins 와 같은 자동화 툴에서는 문제가 된다.

이럴 때 svn cli option 중에 --trust-server-cert-failures 를 사용하면 된다. 

--non-interactive : do no interactive prompting (default is to prompt
only if standard input is a terminal device)
--trust-server-cert : deprecated; same as --trust-server-cert-failures=unknown-ca
--trust-server-cert-failures ARG : with --non-interactive, accept SSL server certificates with failures; ARG is comma-separated list of 'unknown-ca' (Unknown Authority), 'cn-mismatch' (Hostname mismatch), 'expired' (Expired certificate), 'not-yet-valid' (Not yet valid certificate) and 'other' (all other not separately classified certificate errors).

예전엔 --trust-server-cert 옵션만 있었는데 다양한 certificate 오류를 처리하기 위해 svn 1.9 에 --trust-server-cert-failures 가 추가되었다. 체크인이나 체크아웃 시에 --non-interactive 옵션과 함께 --trust-server-cert-failures 옵션을 추가해서 실행하면 된다.

svn ci . --non-interactive --trust-server-cert-failure="unknown-ca,cn-mismatch,expired,not-yet-valid,other"

참고 : https://stackoverflow.com/questions/5165516/server-certificate-verification-failed

 

Server certificate verification failed

When I execute svn in command line: command: svn commit path -m "Uploaded By User" --username username --password password --non-interactive --trust-server-cert --quiet 2>&1 This res...

stackoverflow.com

 

728x90

+ Recent posts