[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Svn: "certificate has expired"

From: Graham Leggett <minfrin_at_sharp.fm>
Date: 2005-02-28 15:45:15 CET

Hi all,

Out of the blue, the most bizaare problem has cropped up between an SVN
server and some SVN clients.

Attempts to update to the svn server result in this message:

svn: PROPFIND of '/repos/fo/hoops/hoops/trunk': SSL negotiation failed:
SSL error: sslv3 alert certificate expired (https://subversion.xxx.co.za)

The SVN connection is an https connection with server and client certs.
The usual suspects have been checked and no problems found: the enddates
on all three certs (CA, server, client), and the clocks on both client and
server and correct and valid.

The first problem that is thwarting our debugging attempts is the
misleading message "certificate expired". There are three certificates
(CA, server, client), the error message does not say which cert has
expired, or on which date the cert expired - nothing useful.

Accessing the SVN repo from Firefox results in the same error: "Your
certificate has expired" (Firefox then aborts the attempt to load the
page). Again, Firefox does not explain which certificate "your"
certificate is, what it is called, or when it expired.

Accessing the SVN repo via a browser without the client cert installed
causes access to the public sections of the repo to be granted, so the
problem seems to be the client cert, although there is nothing obviously
wrong with them - they are still valid for another 11 months.

Anybody encountered any twilight zone errors like this?

Regards,
Graham

--
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Feb 28 15:46:33 2005

This is an archived mail posted to the Subversion Dev mailing list.