configspace in https-svn - how to deal with certificates?

Michael Tautschnig mt at debian.org
Mon Jul 14 14:47:39 CEST 2008


> Hi,
> Probably more a Subversion-Question, on the other hand a problem only  
> really getting in your way when doing automatic stuff:
>
> I'm about to bootstrap a new infrastructure with FAI, using a  
> configspace in Subversion, with https for the first time.
> The problem with this is, that I have to manually accept the  
> https-Server certificate at the beginning of the install when the  
> configspace is being checked out...
>
> Did anybody else run into this, and found a solution, apart from  
> enabling http without the "s" on the subversion server?
>
> I _guess_ it should be possible to put the server certificate somewhere  
> into the nfsroot, so it's known to the install, client at install time.  
> But I'm a bit clueless about where to find it - /root does not look like  
> it has such a thing, when I look into it after having accepted the  
> certificate manually.
>

Well, it should do, see /root/.subversion after accepting it. You may, however,
also do a somewhat more proper way: Put the corresponding CA-certificate
somewhere, and add ssl-authority-files = <certificate-path> to
/etc/subversion/servers inside your NFSROOT.

Best,
Michael

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : http://lists.uni-koeln.de/pipermail/linux-fai-devel/attachments/20080714/d9daf157/attachment.bin 


More information about the linux-fai-devel mailing list