Error validating server certificate for 'https://svn0.us-east.freebsd.org:443':
Kimmo Paasiala
kpaasial at gmail.com
Fri Aug 2 13:21:49 UTC 2013
On Fri, Aug 2, 2013 at 11:51 AM, Kimmo Paasiala <kpaasial at gmail.com> wrote:
> On Fri, Aug 2, 2013 at 11:19 AM, Anton Shterenlikht <mexas at bris.ac.uk> wrote:
>> >From kpaasial at gmail.com Fri Aug 2 09:18:52 2013
>>>
>>>On Fri, Aug 2, 2013 at 11:10 AM, Anton Shterenlikht <mexas at bris.ac.uk> wrote:
>>>> # svn up /usr/ports/
>>>> Updating '/usr/ports':
>>>> Error validating server certificate for 'https://svn0.us-east.freebsd.org:443':
>>>> - The certificate is not issued by a trusted authority. Use the
>>>> fingerprint to validate the certificate manually!
>>>> - The certificate hostname does not match.
>>>> Certificate information:
>>>> - Hostname: svnmir.ysv.FreeBSD.org
>>>> - Valid: from Jul 29 22:01:21 2013 GMT until Dec 13 22:01:21 2040 GMT
>>>> - Issuer: clusteradm, FreeBSD.org, (null), CA, US (clusteradm at FreeBSD.org)
>>>> - Fingerprint: 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61
>>>> (R)eject, accept (t)emporarily or accept (p)ermanently?
>>>>
>>>> What's going on?
>>>>
>>>> Thanks
>>>>
>>>> Anton
>>>>
>>>
>>>The DNS name for the SVN mirror was changed a few days ago into a
>>>CNAME that points to svnmir.ysv.FreeBSD.org and it no longer matches
>>>the certificate that you have saved on your system, hence the
>>>complaint. It's safe to accept the "new" cert.
>>>
>>>-Kimmo
>>
>> ok, great, thanks for clarifying this.
>>
>> Anton
>
> Np.
>
> You can always check the fingerprints of the certificates manually if
> there's any lingering doubt :)
>
> -Kimmo
Btw, I was about to ask if the SSL certificate fingerprints for the
SVN mirrors are available somewhere. They are listed in the FreeBSD
Handbook:
http://www.freebsd.org/doc/handbook/svn-mirrors.html
Very nice.
-Kimmo
More information about the freebsd-ports
mailing list