My SVN problems were fixed when I changed from a self-generated SSL certificate to one obtained from a certification authority (Free SSL certificate obtained from StartCom: http://www.startssl.com/?app=39 )
I am not sure why this made a difference, but it might be worth trying if you have run out of ideas! Regards Tony. -----Original Message----- From: boun...@canonical.com [mailto:boun...@canonical.com] On Behalf Of gero Sent: 05 September 2010 13:26 To: t...@bayleyfamily.net Subject: [Bug 294648] Re: svn over https with client certificates broken(regression in intrepid) Hi, I've had problems since upgrading from Hardy to Lucid: $ svn update svn: OPTIONS of 'https://svn.example.com/path/to/svn/trunk': SSL handshake failed: SSL error: A TLS warning alert has been received. (https://svn.example.com) I assume the old svn client version was 1.4.6: http://packages.ubuntu.com/hardy/subversion The new version is 1.6.6. The repository has other users for whom it continues to work. Could this be the same problem? Using libneon instead of libneon-gnutls has not helped, only changed the error message slightly: svn: OPTIONS of 'https://svn.example.com/path/to/svn/trunk': SSL handshake failed: SSL error code -1/1/336032856 (https://svn.example.com) Any other ideas? -- svn over https with client certificates broken (regression in intrepid) https://bugs.launchpad.net/bugs/294648 You received this bug notification because you are a direct subscriber of the bug. Status in subversion: New Status in "subversion" package in Ubuntu: Confirmed Bug description: Binary package hint: subversion After upgrading from hardy to intrepid, svn with https client certificates authentication stopped working, giving the following error: u...@testhost:~$ svn info https://svn.example.org/svn/main/ svn: OPTIONS of 'https://svn.example.org/svn/main': Could not read status line: SSL error: Rehandshake was requested by the peer. (https://svn.example.org) This is against an apache2 server with <Location /svn> SSLVerifyClient require ... If I set "SSLVerifyClient none" everything just works, hence the conclusion that this is related to client certificate verification. I have configured my svn client to use a pkcs#12 file. This may be related to http://bugs.debian.org/480041 Version info: subversion 1.5.1dfsg1-1ubuntu2 libneon27-gnutls 0.28.2-2build1 To unsubscribe from this bug, go to: https://bugs.launchpad.net/subversion/+bug/294648/+subscribe -- svn over https with client certificates broken (regression in intrepid) https://bugs.launchpad.net/bugs/294648 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
