This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

subversion issues with server certs in latest cygwin



We have several people who have updated their cygwin setup in the last month or so, and after doing so subversion no longer wants to connect to our subversion server. The server uses apache and ssl with our own cert. After upgrading the subversion client no longer ask the "this cert is untrusted, do you still want to connect" question.


It should do this:

ÂÂÂ $ svn ls https://myserver.com/svn/myproject
ÂÂÂ Error validating server certificate for 'https://myserver.com:443':
ÂÂÂÂ - The certificate is not issued by a trusted authority. Use the
ÂÂÂÂÂÂ fingerprint to validate the certificate manually!
ÂÂÂ Certificate information:
ÂÂÂÂ - Hostname: myserver.com
ÂÂÂÂ - Valid: from Thu, 08 Oct 2009 23:05:48 GMT until Sat, 08 Oct 2011 23:05:48 GMT
ÂÂÂ (R)eject, accept (t)emporarily or accept (p)ermanently? p
ÂÂÂ Authentication realm: <https://myserver.com:443>; myproject


Instead it does this:

ÂÂÂ $ svn ls https://myserver.com/svn/myproject
ÂÂÂ svn: OPTIONS of 'https://myserver.com/svn/myproject': SSL handshake failed:
ÂÂÂÂ SSL error: certificate verify failed (https://myserver)


It also doesn't appear to access the already cached info since some of these people were using subversion previous to the upgrade.

The only way to get it to connect to the server is to have the user install the ca cert on their system, then things work.

This only seems to happen in cygwin. If I install a regular windows distribution on the system, from collabnet.com, it works fine. Connecting using a browser works fine, asks to take the security risk then continues on. It works from other systems (macs, netbsd, ubuntu) so I don't believe that it has anything to do with the environment.Â

The same thing happens against multiple servers for various projects. Our servers are using netbsd with:

 Apache/2.2.11 (Unix) SVN/1.6.5 mod_ssl/2.2.11 OpenSSL/0.9.9-dev DAV/2 mod_wsgi/2.5 Python/2.5.4

Any help would be appreciated, but I believe it's a problem with the distribution since it's now very reproducible.






--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]