Re: svn ls https://... results in "The certificate has an unknown error"

From: Joe Orton <jorton_at_redhat.com>
Date: Tue, 8 Dec 2009 11:53:18 +0000

On Tue, Dec 08, 2009 at 12:36:04PM +0100, Erik Wasser wrote:
> I think here lies the key:
>
> ssl: Match common name '*.company.invalid' against 'dev.int.company.invalid'
> ssl: Identity match for 'dev.int.company.invalid': bad
>
> Maybe wildcards are not correctly supported?

They are, but neon matches a '*' against only a single domain name
component, as is required by RFC 2818. i.e. neon would accept the name
if the cert had "*.int.company.invalid" but will not match both
components "dev.int" against the "*".

> Funny detail (maybe this helps), putting the line "neon-debug-mask = 258" into
> "~/.subversion/servers" converts the working machine into a non working
> machine. Now I got here the question too:

I've no idea what is going on there, sorry!

Regards, Joe

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2428165

Please start new threads on the <users_at_subversion.apache.org> mailing list.
To subscribe to the new list, send an empty e-mail to <users-subscribe_at_subversion.apache.org>.
Received on 2009-12-08 12:54:31 CET

This message: [ Message body ]
Next message: Thomas Harold: "Re: Saving emails"
Previous message: Erik Wasser: "Re: svn ls https://... results in "The certificate has an unknown error""
In reply to: Erik Wasser: "Re: svn ls https://... results in "The certificate has an unknown error""

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]