> > But when I try to use SVN to access the repository it says:
> > svn: PROPFIND request failed on '/svn/foo'
> > svn: PROPFIND of '/svn/foo': Could not read status line: SSL error: sslv3 alert unexpected message (https://ssl.ourcompany.com)
>
> Just a guess: did you tell subversion which client certificate to use?
>
Yes. As I said, when I set "SSLVerifyClient optional" in the Apache configuration SVN works fine (But with undesirable effects on other parts of the SSL server).
> Anyways, it would make troubleshooting and/or reproducing your problem
> easier if you told us the actual svn commands you used.
>
The above output was from a simple "svn up" inside an allready checked out work dir, but "svn co" gives the same output:
First with "SSLVerifyClient optional" in the main SSL configuration:
$ rm -Rf foo
$ svn co https://ssl.ourcompany.com/svn/foo
Authentication realm: https://ssl.ourcompany.com:443
Client certificate filename: mads.tandrup-cert.p12
Passphrase for 'mads.tandrup-cert.p12':
A foo/trunk
[...]
A foo/tags
Checked out revision 2749.
Now with "SSLVerifyClient require" in svn location context:
$ rm -Rf foo
$ svn co https://ssl.ourcompany.com/svn/foo
svn: PROPFIND request failed on '/svn/foo'
svn: PROPFIND of '/svn/foo': Could not read status line: SSL error: sslv3 alert unexpected message (https://ssl.ourcompany.com)
In other words, It doesn't give me the chance to supply a certificate when SSLVerifyClient is set to require as described in my first post.
For me it seems like the svn client gives up when the SSL server asks for an renegotation
Best regards,
Mads B. Tandrup
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sun Apr 30 12:23:56 2006