[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Problem with SSL auth with preshared certs E120171

From: Simon D Morris <simon.d.morris_at_gb.abb.com>
Date: Fri, 17 Jan 2014 13:46:30 +0000

Symptoms
----------------
Any attempt to connect to the repository using HTTPS (list, checkout)
gives:
"Unable to connect to repository at URL...."
"Error running context: An error occurred during SSL communication"

BUT

- TortoiseHg is OK - can checkout using same keys/certs
- IE is OK - can browse repository using same keys/certs
- Niether TSVN nor the TSVN supplied Command line client work (see below
for output)
- The standard windows command line client works with exactly the same
config file, certs etc (i.e. this one:
http://sourceforge.net/projects/win32svn/ )
- OpenSSL s_client also connects just fine

TSVN 1.7.6 works ok - nothing later seems to
Latest dev build fails too.

Server
----------
 - serving via HTTPS
 - self-signed cert
 - pre-shared client certs

OpenSuse 13.1 32 bit running Apache
openSSL 1.0.1e-11.10.1
subversion 1.8.5-2.11.1

TSVN
-------
Client: 32bit windows XP
TortoiseSVN 1.8.4, Build 24972 - 32 Bit , 2013/11/24 11:15:39
Subversion 1.8.5, -release
apr 1.4.8
apr-util 1.5.2
serf 1.3.2
OpenSSL 1.0.1e 11 Feb 2013
zlib 1.2.8

Setup
------
- Self-signed CA cert & p12 installed in windows
- Refs in servers file too

Using TSVN supplied CLI client:
--------------------------------
C:\test>"C:\Program Files\TortoiseSVN\bin\svn" --version
svn, version 1.8.5 (r1542147)
   compiled Nov 24 2013, 11:34:31 on x86-microsoft-windows

Copyright (C) 2013 The Apache Software Foundation.
This software consists of contributions made by many people;
see the NOTICE file for more information.
Subversion is open source software, see http://subversion.apache.org/

The following repository access (RA) modules are available:

* ra_svn : Module for accessing a repository using the svn network
protocol.
  - with Cyrus SASL authentication
  - handles 'svn' scheme
* ra_local : Module for accessing a repository on local disk.
  - handles 'file' scheme
* ra_serf : Module for accessing a repository via WebDAV protocol using
serf.
  - using serf 1.3.2
  - handles 'http' scheme
  - handles 'https' scheme

C:\test>"C:\Program Files\TortoiseSVN\bin\svn" ls -v https://...
svn: E120171: Unable to connect to a repository at URL 'https://...
svn: E120171: Error running context: An error occurred during SSL
communication

Using standard CLI client:
--------------------------
C:\test>c:\svn\bin\svn --version
svn, version 1.8.5 (r1542147)
   compiled Nov 15 2013, 17:31:59 on x86-microsoft-windows

Copyright (C) 2013 The Apache Software Foundation.
This software consists of contributions made by many people;
see the NOTICE file for more information.
Subversion is open source software, see http://subversion.apache.org/

The following repository access (RA) modules are available:

* ra_svn : Module for accessing a repository using the svn network
protocol.
  - with Cyrus SASL authentication
  - handles 'svn' scheme
* ra_local : Module for accessing a repository on local disk.
  - handles 'file' scheme
* ra_serf : Module for accessing a repository via WebDAV protocol using
serf.
  - using serf 1.3.2
  - handles 'http' scheme
  - handles 'https' scheme

C:\test>c:\svn\bin\svn ls -v https://...
      4 simon Nov 13 2009 ./
      1 svn Jul 31 2008 branches/
      1 svn Jul 31 2008 tags/
      4 simon Nov 13 2009 trunk/

-----------------------------------------------------
Hope that's enough.

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=3071729

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2014-01-17 15:10:12 CET

This is an archived mail posted to the TortoiseSVN Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.