You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to TortoiseSVN
Symptoms ---------------- With TortoiseSVN 1.14.5, when accessing the repository in the repository browser, a "TortoiseSVN SSL Client Certificate Selection" dialog appears, I specify a certificate and click the [OK] button. However, the "TortoiseSVN SSL Client Certificate Selection" dialog is displayed again and after clicking the [OK] button several times, an error occurs as shown below and I cannot access the repository. --- Unable to connect to a repository at URL 'https://subversion_host/svn/repository/' Error running context: An error occurred during SSL communication --- By performing the following two remedies, sometimes I can access the repository without the "TortoiseSVN SSL Client Certificate Selection" dialog being displayed. (Sometimes I can't, the conditions are unclear) 1. Write the following content in %APPDATA%/Subversion/servers. [global] ssl-client-cert-file=C:\mypath\svn_user.p12 ssl-client-cert-password=somepassword
2. Make the following setup in the registry. Registry Key: HKEY_CURRENT_USER\Software\TortoiseSVN\OpenSSLCapi DWORD Value: 0
Moreover, I found that the behavior changes depending on the version of TortoiseSVN.
With TortoiseSVN version 1.8.12-1.11.0 (OpenSSL 1.1.0 or earlier), I can access without any problems. With TortoiseSVN version 1.10.4,1.10.5,1.12.0-1.14.5 (OpenSSL 1.1.x), I can access by setting the client certificate in the servers file. However, as mentioned before, there are cases where I cannot access. The conditions are unclear. With TortoiseSVN version 1.14.6,1.14.7 (OpenSSL 3.2.0), I cannot access even if I set the client certificate in the servers file.
System Configuration ---------------- We connect to Subversion via a reverse proxy.
Reverse proxy: Apache/2.4.37 OpenSSL 1.1.1k
Subversion server: Apache/2.4.6 svn, version 1.14.1 (r1886195)
The client certificate authentication is performed at the reverse proxy, and when I cannot access Subversion with this error, the error occurs at the reverse proxy. No access is being made to the Subversion server.
---------------- Please tell me how to access with TortoiseSVN version 1.10.4,1.10.5,1.12.0-1.14.5 (OpenSSL 1.1.x) and how to access with TortoiseSVN version 1.14.6,1.14.7 (OpenSSL 3.2.0).
Daniel Sahlberg
unread,
Jul 6, 2024, 2:56:03 PM (2 days ago) Jul 6
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to TortoiseSVN
Most probably your certificate(s) are issued with a cipher suite that is no longer supported by OpenSSL 3 or with a length that is considered too short in OpenSSL 3. Can you check the certificates and possibly re-issue them with longer/better ciphers?