[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Client Certificate Authentication/Authorization (Bad) Log Entries

From: <Steve.Craft_at_sungard.com>
Date: 2006-05-22 16:16:53 CEST

After some more log inspection/deduction, it appears that Tortoise is
getting a message from the server (possibly the client-certificate
challenge from Apache?), registering it as an "error" and retrying. For
every DAV command (eg PROPFIND) given by Tortoise, 4 errors are generated
on the Apache side. I think after 4 retries Tortoise gives up. So maybe
what is happening is that Tortoise won't handle client-side certificate
prompts?

Anybody?

----------------------

Maybe this will help anyone help me?

An entry in my error.log file looks like this:

[Thu May 18 16:19:52 2006] [error] Re-negotiation handshake failed: Not

accepted by client!?

An entry in my ssl_request.log file looks like this:

[18/May/2006:16:19:52 -0400] 216.203.6.11 TLSv1 DHE-RSA-AES256-SHA

"PROPFIND /svn/repos.......... HTTP/1.1" -

An entry in my transfer.log file looks like this:

216.203.6.11 - - [18/May/2006:16:19:52 -0400] "PROPFIND

/svn/repos.......... HTTP/1.1" 403 -

Also, in my ssl.conf, if I set "Require valid-user", after the certificate

handshake works (browsing only, no DAV), I get prompted for name/password.

Should that just be commented out always if I am using client certificates?

Thanks.

---------------------------------------------------------------------

To unsubscribe, e-mail: users-unsubscribe@tortoisesvn.tigris.org

For additional commands, e-mail: users-help@tortoisesvn.tigris.org

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tortoisesvn.tigris.org
For additional commands, e-mail: users-help@tortoisesvn.tigris.org
Received on Mon May 22 16:35:06 2006

This is an archived mail posted to the TortoiseSVN Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.