<<TableOfContents>>
= Supported system properties and configuration options =
This section contains information on configuring the [[SVNKit]] library - in order that one can adjust the library up to his individual wishes. Here you will find information on what configuration files [[SVNKit]] uses during runtime, what system properties are used in that case when config files are not available, and so on. 

== HTTP proxy setup ==
By default [[SVNKit]] uses proxy settings from the ''servers'' configuration file that is located in the default [[http://subversion.tigris.org|Subversion]] run-time configuration area. 

Default configuration area is located at {{{~/.subversion}}} on Linux and OS X and at {{{C:\Documents and Settings\userName\Application Data\Subversion}}} on Windows. You may read more on Subversion client configuration files in the [[http://svnbook.red-bean.com/nightly/en/svn.advanced.confarea.html|Subversion Book]]. 

== SVN+SSH authentication with Subclipse ==
If you're using [[SVNKit]] with [[http://subclipse.tigris.org|Subclipse]] version 0.9.37 or newer there is no need to use system properties to define SSH credentials, [[http://subclipse.tigris.org|Subclipse]] will automatically prompt you for private key or password during establishing SSH connection. 

== SVN+SSH authentication with private key ==
By default [[SVNKit]] tries to obtain all necessary information from the {{{[tunnels]}}} section of the ''config'' file that is located in the default SVN run-time configuration area. However if that information is not complete or not found at all, [[SVNKit]] tries then to use predefined system properties listed beneath. 

[[SVNKit]] uses a pure java [[http://www.ganymed.ethz.ch/ssh2|Ganymed library]] to establish SSH connections. This library supports only SSH version 2, with password or private key authentication. You may use the following system properties to let [[SVNKit]] know about your private key and passphrase: 
{{{
svnkit.ssh2.key = /path/to/private/key/file 
svnkit.ssh2.username = userName  
svnkit.ssh2.passphrase = optionalPassphrase 
svnkit.ssh2.password = userpassword
svnkit.ssh2.port = optionalPort
}}}

== SVN+SSH authentication with private key in Eclipse ==
When starting [[http://eclipse.org|Eclipse]] you can provide the above properties like this: 
{{{
$ eclipse -vmargs \ 
-Dsvnkit.ssh2.key=/path/to/private/key/file \
-Dsvnkit.ssh2.username=userName \ 
-Dsvnkit.ssh2.passphrase=optionalPassphrase \
-Dsvnkit.ssh2.password=userpassword \
-Dsvnkit.ssh2.port=optionalPort
}}}

{i} Note: a user name for an ssh connection will be taken from SVN Repository properties.

To avoid special batch script creation to launch [[http://eclipse.org|Eclipse]] you may define ssh related properties in [[http://eclipse.org|Eclipse]] config.ini file - {{{ECLIPSE_HOME/configuration/config.ini}}} (tip provided by Andrew Berman): 
{{{
  ...
  svnkit.ssh2.key=path/to/private/key/file
  svnkit.ssh2.passphrase=passphrase
  svnkit.ssh2.username=username
  svnkit.ssh2.password=userpassword 
  svnkit.ssh2.port=port
}}}

== SSL Connections ==
[[SVNKit]] uses SSL support included into JDK. Some JDK versions don't support SSL server certificates longer than 1024 bytes or don't support certain Cypher Suites. If you're experiencing problems accessing a [[http://subversion.tigris.org|Subversion]] repository over SSL connection (via https protocol) consider using the latest JDK version and upgrading the JDK JCE package (Cryptotgraphic Extension) to an "unlimited strenght" one. Read [[http://java.sun.com/products/jce/javase.html|this article]] for more details on how to install JCE. 

== Trusting SSL Certificates ==
If [[SVNKit]] is used as a standalone library and no custom authentication provider is registered, [[SVNKit]]: 

 * by default trusts all SSL servers, though it doesn't cache server certificates; 
 * or uses a default JDK certificates storage to get SSL certificates of the trusted servers; 
 * and additionally it uses authority certificate files listed in the [[http://subversion.tigris.org|Subversion]] ''servers'' configuration file in these options: 
{{{
### 'ssl-authority-files' is a semicolon-delimited list of files,
### each pointing to a PEM-encoded Certificate Authority (CA) 
### SSL certificate.
ssl-authority-files = /path/to/CAcert.pem;/path/to/CAcert2.pem

### 'ssl-trust-default-ca'       Trust the system 'default' CAs
ssl-trust-default-ca = yes
}}}

== Client SSL authentication ==
In the [[http://subversion.tigris.org|Subversion]] ''servers'' configuration file you can specify your SSL authentication certificate files for a specific group: 
{{{
ssl-client-cert-file=      PKCS#12 format client certificate file
ssl-client-cert-password=  Client Key password, if needed.
}}}

Read more information on this options in the [[http://svnbook.red-bean.com/en/1.1/svn-book.html#svn-ch-7-sect-1.3|Subversion book]].

Also you can set the following system properties to define global SSL authentication certificate files:
{{{
svnkit.ssl.client-cert-file=     PKCS#12 format client certificate file
svnkit.ssl.client-cert-password= Client Key password, if needed.
}}}

== HTTP authentication cache ==
To disable caching of any authentication data during HTTP operations you can provide the following property:
{{{
svnkit.http.keepCredentials=false
}}}
By default [[SVNKit]] keeps user credentials

== Working copy upgrade ==
By default any ''write'' operation on a working copy upgrades it to the most recent format, currently it is subversion 1.5 working copy format.
You can disable this behavior by specifying the system property:
{{{
svnkit.upgradeWC = false
}}}
It also may be helpful for you to read [[SVNKit_FAQ#q_wc_format|this article]] concerned with working copy format