1

While using CentOS 6 and SVN 1.6 (yum install subversion) or 1.7.5, When I try to do an SVN checkout against a VisualSVN server I get the following error:

SSL handshake failed: SSL error: Key usage violation in certificate has been detected.

I have looked around the net and it suggests to do the following:

sudo mv /usr/lib/libneon-gnutls.so.27 /usr/lib/libneon-gnutls.so.27.old
sudo ln -s /usr/lib/libneon.so.27 /usr/lib/libneon-gnutls.so.27

However, libneon-gnutls.so.27 does not exist with this package of libneon, rendering the solution useless (I've tried):

neon-0.29.3-1.2.el6.i686

Is there a workaround that does not involve downgrading neon? I'm unsure how to get the proper version of neon I would need.

Danny Beckett
  • 20,529
  • 24
  • 107
  • 134
jnrcorp
  • 1,905
  • 1
  • 18
  • 25
  • --non-interactive --trust-server-cert do not apply because I am not being asked to trust the cert. The issue appears to lie beneath the svn layer and within libneon. – jnrcorp Jun 25 '12 at 12:21
  • /var/log/messages says: admin named[24114]: error (network unreachable) resolving '/A/IN': 2600:2004::75#53 – jnrcorp Jun 25 '12 at 12:29
  • I have also tried this: http://www.visualsvn.com/support/topic/00056/ – jnrcorp Jun 26 '12 at 15:33

1 Answers1

2

I upgraded VisualSVN to latest the version and added the registry key defined here: http://www.visualsvn.com/support/topic/00056/

Then regenerated a certificate. Turned off SSL and turned it back on.

After this I tried connecting from my server again and it worked. I'm not sure exactly which action resolved the issue, but it appears that even though the VisualSVN topic says it applies to 2.5 and not any specific subversion the latest version is able to properly generate a certificate.

jnrcorp
  • 1,905
  • 1
  • 18
  • 25
  • The 'Technical Background' of the KB article explains the issue BTW. After you applied the workaround VisualSVN Server generated the certificate in a way it's considered valid by GnuTLS. – bahrep Jul 26 '12 at 12:26