Subversion client, SSL and expiring CRLs

From: Graham Leggett <minfrin_at_sharp.fm>
Date: 2005-03-01 11:37:10 CET

Hi all,

Recently our svn server starting throwing errors like this:

Graham-Leggetts-Computer:~/src/standard/hoops2 minfrin$ svn commit
src/QADLibs/local/date/date.h
subversion/libsvn_client/commit.c:765: (apr_err=175002)
svn: Commit failed (details follow):
subversion/libsvn_ra_dav/util.c:670: (apr_err=175002)
svn: OPTIONS request failed on
'/repos/fo/hoops/hoops/trunk/src/QADLibs/local/date'
subversion/libsvn_ra_dav/util.c:294: (apr_err=175002)
svn: OPTIONS of '/repos/fo/hoops/hoops/trunk/src/QADLibs/local/date': SSL
negotiation failed: SSL error: sslv3 alert certificate expired
(https://subversion.xxx.co.za)

Turns out this was caused by a certificate revocation list that needed to
be updated.

If practical (in other words, if openssl can distinguish this error) could
the message "certificate expired" be changed to "crl expired"? This should
prevent people going on wild goose chases in future looking for expired
certs when the certs have not actually expired :(

Regards,
Graham

--
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Tue Mar 1 11:38:24 2005

This message: [ Message body ]
Next message: Tobias Ringström: "Re: Subversion client, SSL and expiring CRLs"
Previous message: VK Sameer: "Re: [PATCH] issue 2154 - svn blame on a directory over DAV does not return gracefully"
Next in thread: Tobias Ringström: "Re: Subversion client, SSL and expiring CRLs"
Reply: Tobias Ringström: "Re: Subversion client, SSL and expiring CRLs"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]