How do I use a custom Certificate Authority in Sha

2019-09-15 05:30发布

问题:

I am trying to access a subversion repository using SharpSvn. The repository is only available via https and the machine uses its own private certificate authority (don't worry about the security here, I trust the authority).

I have the Certificate Authority's public root certificate, however due to user access rights I cannot install the certificate into the certificate store.

If I use subversion directly, I can add:

servers:global:ssl-authority-files=/path/to/cacert.crt
servers:groups:myhost=myhostsdns.com

either as command line objects or to the config file.

How do I set these options in SharpSvn so that I can use the cacert.crt file so that I don't get "certificate verification failed" when I try to access my repository, and I don't have to just ignore the error?

Many thanks

回答1:

How is it that it's only after you ask the question that you realize the answer?

I solved this by setting the configuration options on the SvnClient object as such:

SvnClient _svnClient = new SvnClient();
_svnClient.Configuration.SetOption("servers", "global", "ssl-authority-files", "/path/to/cacert.crt");
_svnClient.Configuration.SetOption("servers", "groups", "myhost", "myhostsdns.com");

Apologies on the self help, hope it helps the next person.



回答2:

Expanding on the comment of Bert Huijben (above):

client.Authentication.SslServerTrustHandlers += new EventHandler<SharpSvn.Security.SvnSslServerTrustEventArgs>(Authentication_SslServerTrustHandlers);
void Authentication_SslServerTrustHandlers(object sender, SharpSvn.Security.SvnSslServerTrustEventArgs e)
{
    // Look at the rest of the arguments of E, whether you wish to accept

    // If accept:
    e.AcceptedFailures = e.Failures;
    e.Save = true; // Save acceptance to authentication store
}