[asterisk-dev] New CA cert for Subversion - please read
Jeff Peeler
jpeeler at digium.com
Thu Apr 15 11:22:52 CDT 2010
It has been observed in some later distros (namely Fedora 12 and
Debian unstable so far) that the SSL libraries used by Subversion will
no longer accept our MD5 signed CA cert. To head off the issue before
the problem becomes more widespread using a new CA which is SHA-1
signed is required. The only changes required on the client side are:
Download the new CA cert from repotools
(https://origsvn.digium.com/svn/repotools) and put it in the same
location as the current CA cert (most likely ~/.subversion). Then
modify your servers config file to include the new CA, for example:
ssl-authority-files =
/home/putnopvut/.subversion/Digium_SVN-cacert.pem;/home/putnopvut/.subversion/Digium_SVN-cacert-sha1.pem
After a few weeks the server cert will be switched over and
everybody's config will already have the necessary changes.
--
Jeff Peeler
Digium, Inc. | Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at www.digium.com & www.asterisk.org
More information about the asterisk-dev
mailing list