Re: AW: PROPFIND of '/svn/pub': SSL negotiation failed: SSL error: un known protocol (https://svn.redcor.net

From: robert rottermann <robert_at_redcor.ch>
Date: 2004-08-05 16:17:23 CEST

Thanks for your answer,

Hunkel, Manfred wrote:
> Does your http-server understand https? I.e. is it configured appropriately?
> How is your http-server (Apache?) being started up?
To tell you the truth I do not know (I fiddled the whole day)

I am using SuSE 9.1 and start apache with rcapache2

If I look in the error log I see a warning:

[warn] RSA server certificate CommonName (CN) `Robert Rottermann' does
NOT match server name!?

So my certificate I created this morning seems to be loaded.

Following is my code. It is a copy of a template I got with SuSE 91.
(which the server runs). I stripped most of the comments.

Thanks
Robert

#<IfDefine SSL>
#<IfDefine !NOSSL>

##
## SSL Virtual Host Context
##
listen 443
<VirtualHost 193.246.254.160>

     # General setup for the virtual host
     DocumentRoot "/home/svn/pub"
     ServerName svn.redcor.net
     #ServerAdmin webmaster@example.com
     ErrorLog /var/log/apache2/svn_error_log
     TransferLog /var/log/apache2/svn_access_log
     # SSL Engine Switch:
     # Enable/Disable SSL for this virtual host.
     SSLEngine on

     # SSL Cipher Suite:
     # List the ciphers that the client is permitted to negotiate.
     # See the mod_ssl documentation for a complete list.
     SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

# Server Certificate:
SSLCertificateFile /etc/apache2/ssl.crt/svn.redcor.net.crt

# Server Private Key:
SSLCertificateKeyFile /etc/apache2/ssl.key/svn.redcor.net.key

     #SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars
+StrictRequire
     <Files ~ "\.(cgi|shtml|phtml|php3?)$">
         SSLOptions +StdEnvVars
     </Files>
     <Directory "/srv/www/cgi-bin">
         SSLOptions +StdEnvVars
     </Directory>

     # "force-response-1.0" for this.
     SetEnvIf User-Agent ".*MSIE.*" \
          nokeepalive ssl-unclean-shutdown \
          downgrade-1.0 force-response-1.0

     # Per-Server Logging:
     # The home of a custom SSL log file. Use this when you want a
     # compact non-error SSL logfile on a virtual host basis.
     CustomLog /var/log/apache2/svn_ssl_request_log ssl_combined

     <Location /svn>
         DAV svn
         SVNParentPath /home/svn
         SVNAutoversioning on
         # # Limit write permission to list of valid users.
         # <LimitExcept GET PROPFIND OPTIONS REPORT>
         # # Require SSL connection for password protection.
         # # SSLRequireSSL
         #
         # AuthType Basic
         # AuthName "Authorization Realm"
         # AuthUserFile /home/svn/user_access/myproject1_passwdfile
         # Require valid-user
         # </LimitExcept>
     </Location>
</VirtualHost>

#</IfDefine>
#</IfDefine>

>
> ;-) -Manfred
>
> | -----Ursprüngliche Nachricht-----
> | Von: robert rottermann [mailto:robert@redcor.ch]
> | Gesendet: Donnerstag, 5. August 2004 15:25
> | An: users@subversion.tigris.org
> | Betreff: svn: PROPFIND of '/svn/pub': SSL negotiation failed: SSL error: unknown
> | protocol (https://svn.redcor.net
> |
> | Hi there,
> | I am trying to install a subversion server with DAV and HTTPS support.
> | Since I have never done anything with with HTTPS I need your help.
> |
> | This is the error I get
> |
> | /usr/bin/svn list https://svn.redcor.net/svn/pub
> | svn: PROPFIND request failed on '/svn/pub'
> | svn: PROPFIND of '/svn/pub': SSL negotiation failed: SSL error: unknown
> | protocol (https://svn.redcor.net)
> |
> | This is what I did:
> | Installed subversion 1.1rc1 (which works fine with http and svn)
> |
> | the configure options I used where:
> | ./configure --with-apxs --with-ssl
> |
> | svn --version shows
> | * ra_dav : Module for accessing a repository via WebDAV (DeltaV) protocol.
> | - handles 'http' schema
> | - handles 'https' schema
> | * ra_local : Module for accessing a repository on local disk.
> | - handles 'file' schema
> | * ra_svn : Module for accessing a repository using the svn network protocol.
> | - handles 'svn' schema
> |
> | Thanks for any help
> | Robert
> |
> | ---------------------------------------------------------------------
> | To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> | For additional commands, e-mail: users-help@subversion.tigris.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Aug 5 16:17:43 2004

This message: [ Message body ]
Next message: Ben Collins-Sussman: "Re: Apache memory profile on Windows 2000 Server"
Previous message: Mark Phippard: "Re: Apache memory profile on Windows 2000 Server"
In reply to: Hunkel, Manfred: "AW: PROPFIND of '/svn/pub': SSL negotiation failed: SSL error: un known protocol (https://svn.redcor.net"
Next in thread: Paul Puschmann: "Re: AW: PROPFIND of '/svn/pub': SSL negotiation failed: SSL error: un known protocol (https://svn.redcor.net"
Reply: Paul Puschmann: "Re: AW: PROPFIND of '/svn/pub': SSL negotiation failed: SSL error: un known protocol (https://svn.redcor.net"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]