Hi, I'm implementing publicly accessible mod_davn_svn in addition to some internally used svnserve. Some of my repos use svn:externals where we used to defined "//internal.example.org/...", my publicly available entry point is "https://external.example.org";. For the public "internal.example.org" is resolved as "external.example.org", so checking out a repo from HTTPS with svn:externals used would result in a request to "https://internal.example.org"; and produce certificate verification failures in the client because of mismatching domain names and such.
So I thought of simply changing the svn:externals definition to "http://internal.example.org"; which I can then redirect to "https://external.example.org"; on my public server. In my tests that seemed to work properly and the important part is that the locally created working copy for svn:externals only contained HTTPS-URLs. So am I correct that my approach is safe regarding that no user passwords or such are going unencrypted over the wire if only the first request doesn't contain such passwords and will always only be the redirect? Any other problems which I might overlook currently? Thanks! Mit freundlichen Grüßen, Thorsten Schöning -- Thorsten Schöning E-Mail: thorsten.schoen...@am-soft.de AM-SoFT IT-Systeme http://www.AM-SoFT.de/ Telefon...........05151- 9468- 55 Fax...............05151- 9468- 88 Mobil..............0178-8 9468- 04 AM-SoFT GmbH IT-Systeme, Brandenburger Str. 7c, 31789 Hameln AG Hannover HRB 207 694 - Geschäftsführer: Andreas Muchow
