On Tue, Sep 30, 2003 at 05:20:28PM +0100, Joe Orton wrote:
> On Wed, Oct 01, 2003 at 03:22:00AM +1200, Nick Wright wrote:
> > I suspect there is some sort of issue with the way I have Apache/SSL set up..
> > I'm fairly new to the SSL side of things especially..
> >
> > Anything to do with the "dropped support for PEM-encoded client certs, only
> > accept PKCS12 now" thing new in NEON 0.24 perhaps?
> >
> > The server runs Debian testing/unstable, Apache/2.0.47 (Debian GNU/Linux),
> > DAV/2 SVN/0.30.0, mod_ssl/2.0.47, OpenSSL/0.9.7b
> >
> >
> > If you havent done so already, the output from the openSSL client is posted
> > below.
> >
> > You can try connecting to the repository also - it's just at
> > https://highgate.net.nz/
>
> The patch below should work around this with neon 0.24.2, thanks for
> making the server available. (it would help if you could leave it
> available too so I can work out whether the test suite is woefully
> inadequate in not catching this, or just that your server config is
> strange)
Have you got any SSLCipherSuite lines in your server config?
This bug is being trigged because an SSLv2 connection is getting
negotiated here rather than SSLv3/TLSv1 as one would expect from this
combination of an OpenSSL client and server.
joe
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Oct 1 01:36:09 2003