Re: Trouble with client certificates in Windows certificate store

From: Damon Wischik <damonwischik_at_gmail.com>
Date: Tue, 9 Oct 2012 13:23:42 -0700 (PDT)

On 09.10.2012, Stefan Küng wrote:
> On 09.10.2012 08:25, Damon Wischik wrote:
>> Why should it work when TortoiseSVN finds the p12 from the Subversion
>> servers file, but fail when it finds the p12 from the Windows
>> Internet Options certificate store?
>
> When you specify the p12 file, the signature doesn't have to be valid.
> However, if you install the certificate, it must be signed properly and
> the signature must be valid.

When I look at my certificate properties in the Windows store, it says "Certificate status: this certificate is OK". Does this mean that it's signed properly? My certificate is signed by a self-signed CA that I created, and that I have installed into the Windows certificate store as a trusted root CA.

Might it be that OpenSSL is not following through and trusting my self-signed root CA?

> Also, when using the windows cert store, OpenSSL only allows SHA1, MD5
> and MD5_SHA1 algorithms.

I have set my Apache configuration to
SSLCipherSuite RC4-MD5
SSLProtocol -ALL +SSLv3 +TLSv1
So I am using the MD5 digest algorithm.

Damon.

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3019260

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2012-10-09 22:23:46 CEST

This message: [ Message body ]
Next message: Roedy Green: "Optimum Installer"
Previous message: Stefan Küng: "Re: Trouble with client certificates in Windows certificate store"
In reply to: Stefan Küng: "Re: Trouble with client certificates in Windows certificate store"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]