SSL + svn under Apache

Ok, I really need to document this for future. This costs waaaay too much time even having clues from all kinds of places.

Anyway, I was busy making a simple script to update a site remotely by triggering an svn checkout. Easy thing except for that the connection to repository is done using HTTPS and guess what – the certificate needs to be accepted. Trying things like ‘–trust-server-cert’ (needed to upgrade to svn 1.6.x for trying this out, on Ubuntu point to the Lucid repository if anyone needs it) didn’t help. Then I played ‘smart’ and logged in under the Apache user and tried to do the same trick manually. I’ve got to the point of accepting the certificate, etc, but… next time the same story.

Well, what ought to happen was that the user home folder (/var/www in my case) was NOT owned by the Apache user, but by the root. Damn… all the certificate acceptance stuff simply went nowhere, but I didn’t get a single warning on that!

So the solution was simple – make /var/www owned by the actual Apache user (www-data in my case under Ubuntu), log in under this user (sudo so www-data) and perform the operations I needed with the svn repository manually ONCE not forgetting to accept the certificates PERMANENTLY of course. Since then everything works fine.

Life goes by…