SVN Certificates

Problem:

When the Helix shipped SVN clients do not recognize your SSL server certificate, you can export the certificate and point to it from the svn wrappers. When you do this, not all users have to accept the certificate permanently.

To the end user this error can appear like:

svn: E175002: Unable to connect to repository 'https://......../svn/....'

Or in Helix IPLM's Workspace manager:

ERROR    : callback_ssl_server_trust_prompt required

Solution:

This can be any kind of authentication problem, but can also be the certificate problem. In a normal svn command users would be prompted to accept the certificate, but in Helix IPLM all commands are ran 'non-interactive' and, therefore, users will not be prompted to accept the certificate.

Step one: Export your SLL certificate in PEM format X.509 and store it in a location readable for all users (/path/to/your/certificate).

Step two: Change the wrapper in the Helix IPLM's installation to include the certificate:

/..../methodics/current/tools/extras/svn_1.8/svn --config-option servers:global:ssl-authority-files=/path/to/your/certificate

e.g.:

$ vi /mdx/tools/methodics/current/tools/extras/svn_1.8/svn

#!/bin/bash -f 
# Subversion command line svn client wrapper to avoid issues
# with LD_LIBRARY_PATH (for VersIC/Cadence)

script_path=`dirname $0`
export LD_LIBRARY_PATH=${script_path}/lib

# Pass all arguments to svn client.
${script_path}/bin/svn --config-option servers:global:ssl-authority-files="/path/to/your/certificate" "$@"exit $status