Re: Bug report: Regression SVN Client, SSL, Serf 1.3.9-3, SSLVerifyClient require
From: Philip Martin <philip_at_codematters.co.uk>
Date: Tue, 31 Jul 2018 16:04:55 +0100
Folker Schamel <schamel23_at_spinor.com> writes:
> After upgrading, Subversion SSL connections with "SSLVerifyClient
I can use client certificates on my Debian machine using 1.3.9-3 with
I think that one of the changes between 1.3.8-1 and 1.3.9-3 on Debian is
You could use the openssl binary to debug the ssl connection. First you
openssl pkcs12 -in path/to/svn/cert.p12 -out cert.pem
then you can use:
openssl s_client -connect example.com:443 -servername example.com -cert cert.pem
If you are using ssl-authority-files in .subversion/servers to verify
openssl s_client ... -CAfile path/to/authority.pem
The s_client output may indicate what problem is occurring.
> For the broken setup, the client reports:
TortoiseSVN is probably built with openssl 1.1 as well.
> [Tue Jul 31 15:30:43.886183 2018] [ssl:debug] [pid xxxxx:tid xxxxx]
That looks like SNI isn't working but I don't know if that is relevant
> <Location /svn>
DEFLATE combined with mod_dav_svn had problems in the past but I think
-- PhilipReceived on 2018-07-31 17:05:12 CEST
This is an archived mail posted to the Subversion Dev mailing list.