Date: Fri, 2 Aug 2013 16:21:47 +0300 From: Kimmo Paasiala <kpaasial@gmail.com> To: mexas@bris.ac.uk Cc: freebsd-ports@freebsd.org Subject: Re: Error validating server certificate for 'https://svn0.us-east.freebsd.org:443': Message-ID: <CA%2B7WWSd8r8wrfqBHaRXrXBH_9k3v4feN2re4ZwQ=6sUf6Qywnw@mail.gmail.com> In-Reply-To: <CA%2B7WWSdA4LxTu4K3RKjBbb1NijAidmB6LQQCAjq4yEHD5LgA2Q@mail.gmail.com> References: <CA%2B7WWSfCi3gRwaBShswXMS3hU8L-JEnFm73FVLA4%2B%2B2nF0VKtg@mail.gmail.com> <201308020819.r728JhHR033988@mech-cluster241.men.bris.ac.uk> <CA%2B7WWSdA4LxTu4K3RKjBbb1NijAidmB6LQQCAjq4yEHD5LgA2Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Aug 2, 2013 at 11:51 AM, Kimmo Paasiala <kpaasial@gmail.com> wrote: > On Fri, Aug 2, 2013 at 11:19 AM, Anton Shterenlikht <mexas@bris.ac.uk> wrote: >> >From kpaasial@gmail.com Fri Aug 2 09:18:52 2013 >>> >>>On Fri, Aug 2, 2013 at 11:10 AM, Anton Shterenlikht <mexas@bris.ac.uk> wrote: >>>> # svn up /usr/ports/ >>>> Updating '/usr/ports': >>>> Error validating server certificate for 'https://svn0.us-east.freebsd.org:443': >>>> - The certificate is not issued by a trusted authority. Use the >>>> fingerprint to validate the certificate manually! >>>> - The certificate hostname does not match. >>>> Certificate information: >>>> - Hostname: svnmir.ysv.FreeBSD.org >>>> - Valid: from Jul 29 22:01:21 2013 GMT until Dec 13 22:01:21 2040 GMT >>>> - Issuer: clusteradm, FreeBSD.org, (null), CA, US (clusteradm@FreeBSD.org) >>>> - Fingerprint: 1C:BD:85:95:11:9F:EB:75:A5:4B:C8:A3:FE:08:E4:02:73:06:1E:61 >>>> (R)eject, accept (t)emporarily or accept (p)ermanently? >>>> >>>> What's going on? >>>> >>>> Thanks >>>> >>>> Anton >>>> >>> >>>The DNS name for the SVN mirror was changed a few days ago into a >>>CNAME that points to svnmir.ysv.FreeBSD.org and it no longer matches >>>the certificate that you have saved on your system, hence the >>>complaint. It's safe to accept the "new" cert. >>> >>>-Kimmo >> >> ok, great, thanks for clarifying this. >> >> Anton > > Np. > > You can always check the fingerprints of the certificates manually if > there's any lingering doubt :) > > -Kimmo Btw, I was about to ask if the SSL certificate fingerprints for the SVN mirrors are available somewhere. They are listed in the FreeBSD Handbook: http://www.freebsd.org/doc/handbook/svn-mirrors.html Very nice. -Kimmo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2B7WWSd8r8wrfqBHaRXrXBH_9k3v4feN2re4ZwQ=6sUf6Qywnw>