[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: tortoise ssl works from one machine but not another

From: Stefan Küng <tortoisesvn_at_gmail.com>
Date: 2007-12-13 20:12:03 CET

david m. chinn wrote:
> I've got subversion running on an apache server in my local net behind my
> firewall.
> I'm using client and server side certificates, signed by a local CA
> (tinyCA).
>
> Two machines pretty much identical have different results when trying to
> checkout from the server.
>
> - the laptop works. I can have tsvn checkout a test repo...
> https://myServer/svn/fooRepo works just fine.
> - the desktop doesn't. when I try to checkout from the same url, I get
> different behavior.
>
> The desktop will ask for a password for the .p12 client certificate (I'm
> pretty sure that's where the password is going), where the laptop will ask
> if it's okay to trust this server, and give a finger print.
>
> When the correct password is typed in (for the desktop) I get the following
> error message
> Error: PROPFIND request failed on '/svn/fooRepo'
> Error: PROPFIND of '/svn/fooRepo': SSL negotiation failed: SSL error: tlsv1
> alert unknown ca (https://dev.hocprofessional.com)
>
> The same CA certificate (.pem file) is installed in the trusted root CA
> store on both browsers.
> The same client certificate (.p12 file) is installed in the personal
> certificate store on both browsers.

Since svn clients don't use the client certificate store of the
browsers, this won't help at all.
If you've set up the server properly, TSVN (or any other svn client)
should *ask* you to provide the client certificate file as soon as the
server requests it.
Then you can have TSVN save the certificate file so you don't have to
provide it again.

Stefan

-- 
        ___
   oo  // \\      "De Chelonian Mobile"
  (_,\/ \_/ \     TortoiseSVN
    \ \_/_\_/>    The coolest Interface to (Sub)Version Control
    /_/   \_\     http://tortoisesvn.net
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tortoisesvn.tigris.org
For additional commands, e-mail: users-help@tortoisesvn.tigris.org
Received on Thu Dec 13 20:12:15 2007

This is an archived mail posted to the TortoiseSVN Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.