I'm currently working on a project to automate checking in files to a Subversion repository hosted with TeamForge/Collab.net. I'm using SVNKit to handle the interactions between this program and the repository. Here's the relevant Java pieces I'm using for authentication:
SVNURL url = SVNURL.parseURIEncoded("https://blah.collab.net/svn/repos");
ISVNAuthenticationManager mAuthManager = new BasicAuthenticationManager(new SVNAuthentication[]{
SVNSSLAuthentication.newInstance(new File(certFilePath), certFilePassPhrase, true, url, false),
SVNPasswordAuthentication.newInstance(login, passCharArray, false, url, false);
});
I generated the self-signed certificate using the following OpenSSL commands:
//generating a key and self-signed certificate
openssl req -x509 -sha256 -days 365 -newkey rsa:2048 -keyout private.key -out cert.crt -subj "/CN=svn.example.com"
//extracting public key from cert.crt
openssl x509 -in cert.crt -pubkey -noout
I've placed the public key in the "Authorization Keys" tab under my profile on TeamForge. In SVNKit, I'm specifying the cerFilePath as "path/to/cert.crt" and the certFilePassPhrase to be the same as used when creating the self-signed certificate.
Thus far, certificate authentication has always failed and fallen back onto the login/password, where I have the user manually inputting that information into the console on runtime. So the program is allowed to work, but I wouldn't be able to automate/schedule it without storing those user credentials.
What is the proper configuration of an SSL certificate with TeamForge? Am I generating my self-signed one correctly?