当前位置: 文江博客话题详情

Xcode 4 SVN 挂在“签出”处如果需要客户端证书

发布于 2024-11-07 07:09:43 字数 183 浏览 0 评论 0原文

我正在尝试让 Xcode 4 与我的 svn 存储库一起工作。我输入 svn 地址,它说可以访问,但是当我尝试查看时,它显示“服务器‘svn.testbedapp.com’需要客户端证书”。 (它不提供提供证书的选项),然后它会用旋转轮无限期地显示“正在签出'ProjectName'”。

我有什么想法如何提供证书或让它检查任何内容吗?

原文

I am trying to get Xcode 4 working with my svn repository. I type in the svn address, which it says is reachable, but when I try to check out, it comes up with "The server 'svn.testbedapp.com' requires a client certificate." (it doesn't provide the option to supply the certificate) and then it shows "Checking out 'ProjectName'" indefinitely with s pinning wheel.

Any ideas how I supply the certificate or get it checking anything out?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

被翻牌 2024-11-14 07:09:43

这是一个已知问题。

打开终端,输入

svn ls <您的存储库地址>

确认证书,检查登录/密码。
之后,repo 将在 xcode 中正常工作。

It's a known issue.

Open terminal, type

svn ls <your repository address>

confirm certificates, check login/pass.
After that repo will work fine in xcode.

回复 原文
﹏半生如梦愿梦如真 2024-11-14 07:09:43

您可以将证书文件名放入 SVN 配置文件中,

 ~/.subversion/servers

[global] 部分中只需添加一行(使用完整路径 - 非相对路径)

ssl-client-cert-file = /path/to/your/certificate.p12

或者您也可以添加

ssl-client-cert-password = yourpassphrase 
store-passwords = yes
store-ssl-client-cert-pp = yes**

You can put your certificate file name to SVN configuration file

 ~/.subversion/servers

In section [global] just add a line (use a full path - not relative)

ssl-client-cert-file = /path/to/your/certificate.p12

Optionally you can add also

ssl-client-cert-password = yourpassphrase 
store-passwords = yes
store-ssl-client-cert-pp = yes**
回复 原文
情话墙 2024-11-14 07:09:43

回答原来的问题:

服务器“foo.example.com”需要客户端证书。

翻译:Xcode 在您的钥匙串中找不到 SSL 客户端证书,证书无效,或者如果有多个证书,Xcode 不知道使用哪一个。

要安装钥匙串中的证书:在 Finder 中,打开包含客户端证书的文件(通常是 .p12 文件)。单击“添加”,然后输入密码以解密 .p12 文件。如果您有相应的根证书(通常是 .pem 文件),也请将其导入并在出现提示时单击“始终信任”。

要确保证书有效:在“钥匙串访问”中,选择客户端证书并查找绿色复选标记和“此证书有效”字样。

  • 如果您看到“此证书由未知机构签署”,
    安装相应的根证书。
  • 如果您看到“此证书由不受信任的颁发者签名”,请查找显示“颁发者”的位置,按该名称查找相应的根证书,并将根证书标记为受信任(至少对于 X.509 基本策略) 。
  • 如果您看到“此证书已过期”,请将其删除并获取新的。

要将 URL 与特定证书关联:您需要身份首选项。 Xcode 无法做到这一点,但 Keychain Access 和 Safari 都可以。在“钥匙串访问”中,选择客户端证书并选择“文件”菜单 > “钥匙串访问”。新的身份偏好……输入存储库 URL(例如 https://foo.example.com/path/to/repository)并单击“添加”。

或者:在 Safari 中,转到您的存储库 URL。如果安装了多个证书,Safari 会提示“网站“foo.example.com”需要客户端证书”并显示证书列表。选择您在步骤 (1) 中安装的那个。

为了让一切正常工作,您还需要克服这两个常见错误:

客户端证书文件名:身份验证领域:https://foo.example.com:443

翻译:Subversion 不能在磁盘上找到您的 SSL 客户端证书。

Xcode 使用 Keychain,Subversion 本身(从 v1.4 开始)也使用 Keychain 作为密码。然而,对于证书,Subversion 必须指向磁盘上的文件。

1)在您喜欢的文本编辑器中打开~/.subversion/servers。在底部添加一行,

ssl-client-cert-file = /path/to/first.last.p12

其中的值是 PKCS#12 格式的客户端证书的路径。

svn:“https://foo.example.com/path/to/repository”的选项:SSL 握手失败,请求客户端证书:SSL 错误:sslv3 警报握手失败

翻译: Subversion 找不到用于解密您的 SSL 客户端证书的密码。

请参阅上面的说明。

要将 .p12 密码保存在钥匙串中:在终端中,键入

svn ls https://foo.example.com/path/to/repository
  • 出现提示时,输入 .p12 文件的密码。这将作为应用程序密码存储在您的钥匙串中。
  • 出现提示时,输入 Mac 的管理员密码。
  • 出现提示时,输入您的服务器凭据。这也将作为应用程序密码存储在您的钥匙串中。

此时,您应该看到存储库的内容显示在终端中。

注意:如果您使用 Black Pixel 版本,则至少 v1.2.2 似乎在使用 Keychain 作为密码时遇到问题,因此在 ~/.subversion/servers 中,您还需要添加以下行

ssl-client-cert-password = yourpassword

:密码是明文的。 (这显然不安全,所以除非必要,否则不要这样做。)

To answer the original question:

The server “foo.example.com” requires a client certificate.

Translation: Xcode can't find the SSL client certificate in your keychain, the certificate is not valid, or if there's multiple certificates, Xcode doesn't know which one to use.

To install a certificate in your keychain: In Finder, open the file that contains your client certificate (typically a .p12 file). Click Add, then enter the password to decrypt the .p12 file. If you have the corresponding root certificate (typically a .pem file), import it as well and click "Always Trust" when prompted.

To make sure the certificate is valid: In Keychain Access, select the client certificate and look for a green checkmark and the words "This certificate is valid".

  • If you see "This certificate was signed by an unknown authority",
    install a corresponding root certificate.
  • If you see "This certificate was signed by an untrusted issuer", look for where it says "Issued by", find the corresponding root certificate by that name, and mark the root certificate as trusted (at least for X.509 Basic Policy).
  • If you see "This certificate has expired", delete it and get a new one.

To associate the URL with a specific certificate: You need an identity preference. Xcode can't do this, but both Keychain Access and Safari can. In Keychain Access, select the client certificate and choose File menu > New Identity Preference…. Enter the repository URL (e.g. https://foo.example.com/path/to/repository) and click Add.

Alternatively: In Safari, go to your repository URL. If there are multiple certificates installed, Safari will prompt "The website “foo.example.com” requires a client certificate" and show a list of certificates. Choose the one you installed in step (1).

To get everything working, you also need to get past these two common errors:

Client certificate filename: Authentication realm: https://foo.example.com:443

Translation: Subversion can't find your SSL client certificate on disk.

Xcode uses Keychain, and Subversion itself (as of v1.4) uses Keychain as well for passwords. For certificates, however, Subversion must be pointed to files on disk.

1) Open ~/.subversion/servers in your favorite text editor. At the bottom, add the line

ssl-client-cert-file = /path/to/first.last.p12

where the value is the path to your client certificate in PKCS#12 format.

svn: OPTIONS of 'https://foo.example.com/path/to/repository': SSL handshake failed, client certificate was requested: SSL error: sslv3 alert handshake failure

Translation: Subversion can't find the password to decrypt your SSL client certificate.

See explanation above.

To save your .p12 password in Keychain: In Terminal, type

svn ls https://foo.example.com/path/to/repository
  • When prompted, enter the password for the .p12 file. This will be stored in your keychain as an application password.
  • When prompted, enter the administrator password for your Mac.
  • When prompted, enter your server credentials. This will also be stored in your keychain as an application password.

At this point, you should see the contents of your repository displayed in Terminal.

Note: If you use Versions by Black Pixel, at least v1.2.2 seems to have trouble using Keychain for passwords, so in ~/.subversion/servers you'll also need to add the line

ssl-client-cert-password = yourpassword

where your password is in cleartext. (This is obviously not secure, so don't do it unless you have to.)

回复 原文
~没有更多了~

关于作者

不即不离

暂无简介

0 文章
0 评论
21 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

lorenzathorton8

文章 0 评论 0

Zero

文章 0 评论 0

萧瑟寒风

文章 0 评论 0

mylayout

文章 0 评论 0

tkewei

文章 0 评论 0

17818769742

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文