How to make CruiseControl.NET accept SSL certificate under Windows Server 2008?

If you are running CruiseControl.NET under the Local System account and your SVN server certificate was issued by yourself (or by VisualSVN Server) you will quickly run into trouble. Normally if you run any command on your repository you will get this information:
C:\Program Files\svn\bin>svn log https://your_server/svn/your_repository/trunk –username username –password password
Error validating server certificate for ‘https://your_server:443′:
– The certificate is not issued by a trusted authority. Use the
fingerprint to validate the certificate manually!
– The certificate hostname does not match.
Certificate information:
– Hostname: your_server
– Valid: from Sat, 26 Sep 2009 17:24:27 GMT until Tue, 24 Sep 2019 17:24:27 GMT
– Issuer: your_server
– Fingerprint: 24:8e:f6:ba:c7:a6:3f:69:32:c0:21:92:64:44:62:fe:2c:bb:b4:69
(R)eject, accept (t)emporarily or accept (p)ermanently?
If you accept you will not be bothered again. But CCNet works as a Windows Service. There is no one to make the decision. How to deal with this issue. Well earlier it was easy enough. You had to use one of the security holes and start cmd.exe in interactive mode wit at command (look here for more details). But with Windows Server 2008 it is not possible you will simply get this:
C:\Users\Administrator>time
The current time is: 23:31:11.59
Enter the new time:
C:\Users\Administrator>at 22:32 /interactive cmd.exe
Warning: Due to security enhancements, this task will run at the time
expected but not interactively.
Use schtasks.exe utility if interactive task is required (‘schtasks /?’
for details).
Added a new job with job ID = 1
How to deal with this. There is very easy solution. Set the CruiseContril.NET service “Allow to interact with desktop” flag (Start –> Control Panel –> Administrative Tools –> Services –CruiseControl.NET) like this
image
Restart the service and wait a while for this windows to appear:
image
Select show me the message.
Voila! You have command line as Local System user available. You can now issue the
C:\Program Files\svn\bin>svn log https://your_server/svn/your_repository/trunk –username username –password password
command and accept the SSL certificate permanently.
Local Service User Accepting SSL SVN certificate fir CruiseControl.NET server
From this time on you CCNet server will not have any problems with accessing your secured repository.

2 Comments

Leave a Reply to Gale Yetsko Cancel reply

Your email address will not be published. Required fields are marked *