How do you accept an SSL certificate through the SVN command line?

Question

Is there an command line option to auto accept a SSL certificate permanently using the SVN commandline in a way that avoids the prompt?

Answer 1

It depends somewhat on your version of SVN. Recent (1.6+) ones have the usual --non-interactive (which you want to use to avoid prompts) and also a --trust-server-cert that may do what you want.

Answer 2

Using --trust-server-cert will not permanently accept the SSL certificate. You can permanently accept the SSL certificate via the command line using Input Redirection and not using --non-interactive.

Here's an example for Unix/Linux:

svn list [TARGET] << EOF
p
EOF

NOTE: The "p" above is for (p)ermanently.

Answer 3

My solution uses expect. It isn't secure but it will work when the other solutions won't.

#!/usr/bin/expect -f

set svn_username [lindex $argv 0]
set svn_password [lindex $argv 1]
set svn_url [lindex $argv 2]

spawn svn --username=${svn_username} --password=${svn_password} list ${svn_url}
expect "(R)eject, accept (t)emporarily or accept (p)ermanently? "
send -- "p\r"
expect "Store password unencrypted (yes/no)? "
send "no\r"
expect -re "root@.*:\/#"

Answer 4

You should be able to download the certificate and then place it in the appropriate directory. Or you can download the CA certificate and then set the configuration option ssl-authority-files to trust that CA.

See the SSL Certificate Management section in the book.