[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Subversion client, SSL and expiring CRLs

From: Graham Leggett <minfrin_at_sharp.fm>
Date: 2005-03-01 11:37:10 CET

Hi all,

Recently our svn server starting throwing errors like this:

Graham-Leggetts-Computer:~/src/standard/hoops2 minfrin$ svn commit
subversion/libsvn_client/commit.c:765: (apr_err=175002)
svn: Commit failed (details follow):
subversion/libsvn_ra_dav/util.c:670: (apr_err=175002)
svn: OPTIONS request failed on
subversion/libsvn_ra_dav/util.c:294: (apr_err=175002)
svn: OPTIONS of '/repos/fo/hoops/hoops/trunk/src/QADLibs/local/date': SSL
negotiation failed: SSL error: sslv3 alert certificate expired

Turns out this was caused by a certificate revocation list that needed to
be updated.

If practical (in other words, if openssl can distinguish this error) could
the message "certificate expired" be changed to "crl expired"? This should
prevent people going on wild goose chases in future looking for expired
certs when the certs have not actually expired :(


To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Mar 1 11:38:24 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.