REDMINE COOKBOOK
Blog Hosting Contact Author
17-10-2016 Aleksandar Pavic

Redmine SVN repository 404 after SSL certificate renew

Problem description:

Project's repository is configured to connect to SVN via HTTPS, and HTTPS SSL certificate has been renewed.

Notice: This is not uncommon issue, because all HTTPS certificates do have expirty date!

When repository tab is clicked, it just gives 404 description, while in same time, it dumps:

Error parsing svn output: #<REXML::ParseException: No close tag for /lists/list

In a  logfile (production.log or other, depending upon your environment).

This is just a baiscally issue described in Redmine's FAQ, and/or submitted several times as a Bug/Featrure request...

The behavior of Redmine in this case is not properly implemented with a reason. There is no easy, and fully-functional way to implement it on cross-platform basis, because of svn client's behavior, since it asks for user action offering to accept certificate temporarily, permanently or reject it, and --trust-server-cert --no-auth-cache --non-interactive is obviously a bug or not implemented properly, because it does not trust server certificate and performs operation, instead it cancels the operation, dumping error message E230001 on the screen, thus causing error 404 in Redmine, and dump inside the log. 

user@host:~/public_html$ svn up --trust-server-cert --no-auth-cache --non-interactive
Updating '.':
svn: E230001: Unable to connect to a repository at URL 'https://my_svn.com/svn/project/branches/production'
svn: E230001: Server SSL certificate verification failed: certificate issued for a different hostname

The proper way to resolve this would be to report a bug to SVN open-source community (which I will do), pray they accept it, and then have Redmine developers implement a change in Redmine's SVN adapter with alert that SVN repository's SSL certificate is changed and offer user a choice to accept or reject it...

svn client's proper behavior/feature should probably be something like

svn up --trust-server-cert=p (p for permanent, for example).

And if such change is implemented by SVN team, then later it can be implemented by Redmine team, where choice would be given to a user or admin to accept or reject change in SVN server's SSL certificate.

The solution:

Finally, how to quickly solve this problem! (Notice: this solution is tested on Linux, and adjust paths and usernames to fit your server's configuration)

  1. Login to your server as a redmine user and open console or login via SSH 
    1. (if you are root, then: su - redmineuser)
  2. perform svn list https://yourSVNRepository
  3. accepted certificate permanently
  4. loggin back to your Redmine and clicke on repository - now working