[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: ssh based access?

From: Peter Mathiasson <peter_at_mathiasson.nu>
Date: 2002-04-18 20:15:05 CEST

On Thu, Apr 18, 2002 at 01:35:53PM -0400, Scott Lenser wrote:
> machine to be encrypted. It could just be my general lack of understanding of
> exactly how certificates are done, but I gave up after I add made what I thought
> was a valid certificate and compiled apache with ssl support and then went to
> try it and got nothing. Non-ssl connections could be used fine. I think any

Subversion does not yet support verification of certificates, so using
ssl (directly) with it is quite useless. If you need SSL right now, I
would recommend tunneling it using stunnel (www.stunnel.org).

I've never tried Apache's SSL support using client side certificates, so
I have no idea if that's working.

Currently, with all this new software I tunnel it through stunnel and
check client side certificates. That way apache/svn/ is not exposed to
the internet, just to clients who can provide a valid certificate.

-- 
Peter Mathiasson, peter at mathiasson dot nu, http://www.mathiasson.nu
GPG Fingerprint: A9A7 F8F6 9821 F415 B066 77F1 7FF5 C2E6 7BF2 F228

  • application/pgp-signature attachment: stored
Received on Thu Apr 18 20:16:22 2002

This is an archived mail posted to the Subversion Dev mailing list.