-----BEGIN PGP SIGNED MESSAGE-----
- --- Loritsch, Berin wrote: ---
> This one client that is failing, are any of the other clients using the
> 0.9.8k version of OpenSSL?
Only this specific client. Our workstation computers still run with
Ubuntu hardy and the old 0.9.8g version of OpenSSL.
> It does seem odd that a certificate from an older version of OpenSSL would
> stop working with a newer version. That is unless the certificate is
> technically invalid and the OpenSSL team fixed that problem.
The same client certificate works on all our other workstations that run
OpenSSL 0.9.8g on ubuntu hardy.
One Thing of note that I forgot in my initial post and that was
partially mentioned by Johan:
> Can you try some tests without svn, for instance set up apache to
> serve a simple static page protected by client cert authentication,
> and try to access that with that cert using openssl 0.9.8g vs. 0.9.8k?
The access via the dav_svn module in a web browser from the failing
client works like a charm. There are no error messages, the SSL
handshake works fine. the content of the repository is shown in the
browser. This also works from all our regular workstations.
So this Problem seems to be subversion specific.
I will setup a test server on thursday with a current version of apache,
subversion and openssl and test if the failing client still has problems.
Technische Universitšt Berlin
An-Institut Deutsche Telekom Laboratories
FG Intelligente Netze
Sekr. TEL 16
z.Hd. Bernd May
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
Received on 2010-10-12 19:57:44 CEST