SSL authentication fails on Linux on SVN connection to Visual SVN server, problem Resolution (GO)

Scenario: 1, install Visual SVN Server on Windows 7 as your own SVN servers.

2. Use the SVN client check code on the virtual machine CentOS 6.3 to error:

[Plain]View Plaincopyprint?

2. #svn   checkout https://192.168.0.104:8443/svn/dbllist  
4. Svn:options of ' https://192.168.0.104:8443/svn/DblList ': SSL handshake failed:ssl error:key usage violation in certific ATE has been detected. (https://192.168.0.104:8443)

Solution: Find an article on the Internet and follow the method it describes to solve the problem. Understand, this is because virtual SVN uses a plugin when generating authentication data, and this plugin is supported by OpenSSL, but GnuTLS is not supported. The detailed content everybody looks carefully. Thanks to the original author of this article, and the person who spread it.

Symptoms

Subversion clients receive the following error message when attempting to connect to VISUALSVN Server:

Svn:options of ' Https://server.domain.local/svn/repo ': SSL handshake Failed:ssl Error:
Key usage violation in certificate have been detected. (https://server.domain.local)

Experience the issue if both of the following conditions are met:

• VISUALSVN Server has a self-signed certificate applied and
• Subversion client is built against the GNUTLS library.

Notegnutls Library is a alternative to OpenSSL. Most Subversion clients for Windows is built against OpenSSL and is not affected by this issue. While some Subversion packages (available mostly on linux-based operating systems such as Ubuntu and Debian) is built Aga Inst GnuTLS and is affected. Technical background

During the initial setup VISUALSVN Server 2.5 generates a self-signed certificate and adds it to the Trusted Root certific Ation authorities store on the local machine. To avoid possible security issues, VISUALSVN Server makes the self-signed certificate to being valid for Server Authenticati On only (by specifying the ' Key Usage ' extension). Subversion clients built against GnuTLS don ' t recognize such certificate and the error occurs.

Workaround

It's not recommended to use a self-signed certificate in a production environment. We advise to use a certificate issued by your domain or a third-party certificate authority instead of a self-signed one.

Self-signed certificate please follow the instruction to generate a cerificate without specifying ' Ke Y Usage ' extension:

1. ADD the following registry value to the Windows registry:

   • for 32-bit System:

      [hkey_local_machine\software\visualsvn\visualsvn Server] " Creategnutlscompatiblecertificate "=dword:00000001 

   • for 64-bit System:

      [hkey_local_machine\software\wow6432node\visualsvn\visualsvn Server] " Creategnutlscompatiblecertificate "=dword:00000001 

3. Start visualsvn Server Manager.
5. Go to Action | Properties | Certificate.
7. Click Change certificate ... and follow the wizard instructions to generate a new self-signed certificate.

The certificate would be generated without the ' Key Usage ' extension and would be compatible both with GnuTLS and OpenSSL.

Http://blog.chinaunix.net/uid-24567872-id-3861366.html

http://blog.csdn.net/xinshou_jiaoming/article/details/6956558

SSL authentication fails on Linux on SVN connection to Visual SVN server, problem Resolution (GO)