Re: Client Certificate Authentication/Authorization?

Steve.Craft@sungard.com wrote:

> Server is Win32, Svn + Apache. Apache uses client-certificate-only for auth
> (http://www.modssl.org/docs/2.8/ssl_howto.html#auth-particular), so
> everyone can view parts of the system but only those with internal
> CA-issued client certs can access my /svn structure.
>
> I can browse https://theserver/svn/myrepos, get prompted for the client
> cert, select it, and browse.

FYI: viewing a repository with a webbrowser is something completely
different than using an svn client. If one works, that doesn't mean that
the other works too.

> Using Tortoise, if I use the Repo Browser on the same URI:
>
> 1.
>
> Prompt window comes up -
>
> "Error validating server certificate...."
>
> But that does not happen when using IE or Firefox (because I already
> installed the cert).
>
> Where does Tortoise keep it's list of trusted Cas?

Settings->Network, "edit Subversion server file".
Under the section
[global]
ssl-authority-files = /path/to/CAcert.pem;/path/to/CAcert2.pem

TSVN uses the corresponding registry entry under
HKCU\Software\tigris.org\server

Stefan

-- 
        ___
   oo  // \\      "De Chelonian Mobile"
  (_,\/ \_/ \     TortoiseSVN
    \ \_/_\_/>    The coolest Interface to (Sub)Version Control
    /_/   \_\     http://tortoisesvn.tigris.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tortoisesvn.tigris.org
For additional commands, e-mail: users-help@tortoisesvn.tigris.org