Dealing with SVN cert changes

Infrastructure may change the SSL certificate used for svn.apache.org. Since we use an "https" SVN external, this causes problems: all users of SVN will be presented with a warning like the following:

svn up

Fetching external item into 'rulesrc'
Error validating server certificate for 'https://svn.apache.org:443':
 - The certificate is not issued by a trusted authority. Use the
   fingerprint to validate the certificate manually!
Certificate information:
 - Hostname: *.apache.org
 - Valid: from Fri, 07 Feb 2014 00:00:00 GMT until Thu, 07 Apr 2016 23:59:59 GMT
 - Issuer: Thawte, Inc., US
 - Fingerprint: dd:73:02:e6:4f:9e:fc:48:82:cc:61:68:f6:98:f0:aa:66:43:84:78
(R)eject, accept (t)emporarily or accept (p)ermanently? p
External at revision 513302.

At revision 513302.

This includes various automated scripts. Here's how to update their certs to fix this problem.

Log into spamassassin.zones.apache.org, and issue:

sudo su - release
[type password]
svn info https://svn.apache.org/repos/asf/spamassassin/trunk
Error validating server certificate for 'https://svn.apache.org:443':
 - The certificate is not issued by a trusted authority. Use the
   fingerprint to validate the certificate manually!
Certificate information:
 - Hostname: *.apache.org
 - Valid: from Fri, 07 Feb 2014 00:00:00 GMT until Thu, 07 Apr 2016 23:59:59 GMT
 - Issuer: Thawte, Inc., US
 - Fingerprint: dd:73:02:e6:4f:9e:fc:48:82:cc:61:68:f6:98:f0:aa:66:43:84:78
(R)eject, accept (t)emporarily or accept (p)ermanently? p
External at revision 513302.

At revision 513302.

exit

repeat the above for the automc, updatesd, bbmass and buildbot accounts.
  • No labels