Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 03-31-2008, 09:20 PM   #1
Registered: May 2006
Location: Cincinnati, Ohio
Distribution: Ubuntu
Posts: 256

Rep: Reputation: 30
Force Accept Certificates when Using mount.davfs?

  1. I provided as much detail as I thought relevant. It may be overload, which is why I included "The Short Story".
  2. The URIs and confidential information was deliberately obfuscated, but the content is otherwise verbatim.
  3. I'm not sure if I need to involve the davfs2.conf here, it doesn't seem to have any helpful options for this problem. FWIW, mine is unchanged from defaults.
  4. Yes, I realize I could just purchase an SSL cert and this warning would go away, that's not the point.

The Short Story:
I'm in need of a way to bypass the untrusted server warning you get when mounting a secure WebDAV share with davfs2, or a workaround that does effectively the same thing. That's probably not enough to go on, so...

The Long Story:
CPanel 11 has this great WebDAV interface called "Web Disk". It's just an easy-to-configure WebDAV share, using SSL to talk on port 2078. However, their instructions for accessing the share with Gnome are rubbish, so I had to find my own path.

I found the package davfs2, which meets my needs... almost. I can use it to make an fstab entry like:
Code: /media/ davfs uid=user,gid=group 0 0
Then in /etc/davfs2/secrets:
Code:    username        password
This does what I'm looking for: mounts the Secure WebDAV share to /media/ using a given username/password.

BUT, it prompts each time with a security warning:
/sbin/mount.davfs: the server certificate does not match the server name
/sbin/mount.davfs: the server certificate is not trusted
  issuer:      Unknown, Unknown, Unknown, Unknown, US
  subject:     Unknown, Unknown, Unknown, Unknown, US
  fingerprint: a1:1a:11:af:11:11:11:1f:11:ad:1c:11:1a:11:11:11:aa:1b:db:fd
You only should accept this certificate, if you can
verify the fingerprint! The server might be faked
or there might be a man-in-the-middle-attack.
Accept certificate for this session? [y,N]
I can't figure out how to avoid this prompt. I saw this in /etc/davfs2/secrets:
# Password for Client Certificate
# -------------------------------
# It must contain the name of the certifcate file and the encryption passord.

# Examples
# otto_private.crt              "this is extraordinary secret"
# "otto private.crt"            this\ is\ secret,\ too.
So I generated a self-signed certificate (via WHM, but that's just a frontend) and saved it as example.crt in /etc/davfs2/certs:

Then put this into secrets:
/etc/davfs2/certs/example.crt  password
Nothing. I also tried it without the absolute path. Do I need to put the RSA key into private or something? I'm not clear on how the Certificates work here.

So what can I do to avoid that warning every time I start up or mount the share?

Last edited by RAdams; 03-31-2008 at 09:25 PM. Reason: Added note about davefs2.conf
Old 09-25-2008, 04:23 AM   #2
LQ Newbie
Registered: Oct 2006
Location: Norway
Distribution: Ubuntu
Posts: 3

Rep: Reputation: 0
Did you find a solution to this? I am trying to do the same thing.
Old 10-22-2008, 09:28 AM   #3
LQ Newbie
Registered: Oct 2008
Posts: 1

Rep: Reputation: 0

What worked for me was to add the CA certificate to the PEM file containing the server certificate. The CA certificate should be placed in front of the server certificate in the PEM file:

root@client:/etc/davfs2/certs# cat server.pem
; CA certificate
; server certificate


certificate, crt, ssl, webdav

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Where do I get mount.davfs from yum? Rotwang Red Hat 2 09-16-2007 12:42 PM
Force mount, SuSe linqz Linux - Newbie 2 11-08-2006 09:25 AM
How do I force xorg.conf to accept certain refresh rate? ExCIA Debian 9 08-06-2006 08:11 PM
Kontact will not accept self signed certificates apostate Linux - Software 0 03-01-2006 01:58 AM
Locked Archive or Installer to force end users to accept a license agreement diven Linux - General 1 05-03-2005 07:45 PM > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 06:48 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration