文档章节

VisualSVN Server certificate key usage violati...

鱼北子
 鱼北子
发布于 2013/01/10 15:42
字数 316
阅读 153
收藏 0

Applies to: VisualSVN Server 2.5

Symptoms

Subversion clients receive the following error message when attempting to connect to VisualSVN Server:

svn: OPTIONS of 'https://server.domain.local/svn/repo': SSL handshake failed: SSL error:
Key usage violation in certificate has been detected. (https://server.domain.local)

You may experience the issue if both of the following conditions are met:

  • VisualSVN Server has a self-signed certificate applied and
  • Subversion client is built against the GnuTLS library.
Note
NoteGnuTLS library is an alternative to OpenSSL. Most Subversion clients for Windows are built against OpenSSL and are not affected by this issue. While some Subversion packages (available mostly on Linux-based operating systems such as Ubuntu and Debian) are built against GnuTLS and are affected.

Technical background

During the initial setup VisualSVN Server 2.5 generates a self-signed certificate and adds it to the Trusted Root Certification Authorities store on the local machine. To avoid possible security issues, VisualSVN Server makes this self-signed certificate to be valid for server authentication only (by specifying the 'Key Usage' extension). Subversion clients built against GnuTLS don't recognize such certificate and the error occurs.

Workaround

It's not recommended to use a self-signed certificate in a production environment. We advise to use a certificate issued by your domain or a third-party certificate authority instead of a self-signed one.

If you have to use a self-signed certificate please follow the instruction to generate a cerificate without specifying 'Key Usage' extension:

  1. Add the following registry value to the Windows registry:
    • for 32-bit system:

      [HKEY_LOCAL_MACHINE\SOFTWARE\VisualSVN\VisualSVN Server]
      "CreateGnuTLSCompatibleCertificate"=dword:00000001
    • for 64-bit system:

      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\VisualSVN\VisualSVN Server]
      "CreateGnuTLSCompatibleCertificate"=dword:00000001
  2. Start VisualSVN Server Manager.
  3. Go to Action | Properties | Certificate.
  4. Click Change certificate... and follow the wizard instructions to generate a new self-signed certificate.

The certificate will be generated without the 'Key Usage' extension and will be compatible both with GnuTLS and OpenSSL.

本文转载自:http://www.visualsvn.com/support/topic/00056/

鱼北子

鱼北子

粉丝 23
博文 39
码字总数 7139
作品 0
昌平
技术主管
私信 提问
VisualSVN Server 安装出错解决方法

在Windows 2008、Win7 Sp1、Win Xp Sp3等系统下安装VisualSVN Server时,通常会遇到如下错误: 第一次安装会弹出如下错误提示对话框: Custom action GenerateSSLKey failed: Command termi...

Jokeny
2018/09/21
52
0
安装VisualSVN Server过程中出现异常,无法启动VisualSVN服务

安装VisualSVN Server过程中出现错误,无法启动VisualSVN服务 安装VisualSVN Server过程中出现错误,无法启动VisualSVN服务 OS为WINDOWS 2008,干净系统,只有iis和ftp服务,安装到最后一步出...

徐荣
2014/04/27
2.8K
0
解决ubuntu下svn下载代码出现的SSL error问题

由于习惯问题, 一直在ubuntu 下开发一些程序, 同事都是在window下面, 所以经常会出现一些问题. 最近装了64位ubuntu12.04版本. sudo apt-get install svn 后, 出现如下的错误. SSL handshake...

lazyluo
2013/08/17
2.6K
0
VisualSVN Server+Trac集成安装(图文版)

团队开发过程中,Subversion是首选的源码版本控制软件,Trac是基于网页界面的项目管理和缺陷最终的软件,最重要的是它们都是开源的。

in-cloud
2013/12/04
647
1
VisualSVN Server在Windows Server 2003下导致的日志暴长的解决方案!

昨夜在安装完VisualSVN去进行项目代码托管的时候,经过一段时间突然弹出对话框提示说日志满了请手动清理。 然后我就去看看日志上的错误。发现问题是VisualSVN Server自己一直在重新自我启动。...

晨曦之光
2012/06/05
1K
0

没有更多内容

加载失败,请刷新页面

加载更多

75、GridFS

GridFS是MongoDB提供的用于持久化存储文件的模块,CMS使用Mongo DB存储数据,使用FGridFS可以快速集成开发。 工作原理: 在GridFS存储文件是将文件分块存储,文件会按照256KB的大小分割成多个...

lianbang_W
今天
4
0
js bind 绑定this指向

本文转载于:专业的前端网站➱js bind 绑定this指向 1、示例代码 <!DOCTYPE html><html lang="zh"> <head> <meta charset="UTF-8" /> <title>bind函数绑定this指向......

前端老手
今天
4
0
CentOS Linux 7上将ISO映像文件写成可启动U盘

如今,电脑基本上都支持U盘启动,所以,可以将ISO文件写到U盘上,用来启动并安装操作系统。 我想将一个CentOS Linux 7的ISO映像文件写到U盘上,在CentOS Linux 7操作系统上,执行如下命令: ...

大别阿郎
今天
4
0
深入vue-公司分享ppt

组件注册 全局注册 注册组件,传入一个扩展过的构造器 Vue.component('my-component', Vue.extend({/*...*/})) 注册组件,传入一个选项对象(自动调用Vue.extend) Vue.component('my-comp...

莫西摩西
今天
5
0
gitlab重置管理员密码

登录gitlab服务器 [root@localhost bin]# sudo gitlab-rails console productionLoading production environment (Rails 5.2.3)irb(main):001:0> u = User.where(email: 'admin@example.co......

King华仔o0
今天
3
0

没有更多内容

加载失败,请刷新页面

加载更多

返回顶部
顶部