You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@subversion.apache.org by Pa...@cec.eu.int on 2003/09/24 07:59:38 UTC

(Client) <--> (https proxy) <--> (https svn)

(Client) <--> (https proxy) <--> (https svn)

Does anybody use this architecture ?

I can browse my repositories without problem with mozilla but if I try à
checkout I get :

D:\Temp\crotte>svn co https://xxx.yyyy.com/svn/svn_test
Error validating server certificate: Unknown certificate issuer, Hostname
mismatch. Accept? (y/N): y
svn: RA layer request failed
svn: PROPFIND request failed on '/svn/svn_test'
svn: PROPFIND of '/svn/svn_test': Could not read response body: Secure
connection truncated (https://xxx.yyyy.com)

I'm using self signed certificates on both machines 

https svn ---> Mandrake 9.1 : svn 0.29 + httpd-2.0.47 + compiled from sratch
https proxy ---> Mandrake 9.1 : apache installed from rpms on the proxy
Certificates are generated using
http://www.corserv.com/freebsd/apache-ssl-howto.html


I'm using https because of proxies (http don't go through)


Thanks

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: (Client) <--> (https proxy) <--> (https svn)

Posted by Joe Orton <jo...@manyfish.co.uk>.

On Wed, Sep 24, 2003 at 09:59:38AM +0200, Patrick.LOGE@cec.eu.int wrote:
> (Client) <--> (https proxy) <--> (https svn)
> 
> Does anybody use this architecture ?
> 
> I can browse my repositories without problem with mozilla but if I try à
> checkout I get :
> 
> D:\Temp\crotte>svn co https://xxx.yyyy.com/svn/svn_test
> Error validating server certificate: Unknown certificate issuer, Hostname
> mismatch. Accept? (y/N): y
> svn: RA layer request failed
> svn: PROPFIND request failed on '/svn/svn_test'
> svn: PROPFIND of '/svn/svn_test': Could not read response body: Secure
> connection truncated (https://xxx.yyyy.com)

This means that the server (or proxy) has closed the TCP connection
without first cleanly shutting down the SSL layer (or so neon claims).

I can check out from https://svn.collab.net/ via a 2.0.46 proxy OK from
a Linux client - can you enable neon debugging and get a debug trace?
You need to set neon-debug-mask to 259 in the global config section.

joe

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org

Re: (Client) <--> (https proxy) <--> (https svn)

Posted by Ben Collins-Sussman <su...@collab.net>.

Patrick.LOGE@cec.eu.int writes:

> svn: PROPFIND of '/svn/svn_test': Could not read response body: Secure
> connection truncated (https://xxx.yyyy.com)

I've never seen an error like this before.... ?

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org