SSL handshake failed: SSL 错误:在证书中检测到违规的密钥用法。
问题:在WINDOWS中创建的SVN Server,在Linux client中无法连接。
原因:WINDOWS中的证书无法被Linux正确识别,因此需要修改证书,以使双方都可以正确识别。
修改方法如下:(在网上搜到的解决办法,特放在这里以备忘。)
http://www.visualsvn.com/support/topic/00056/
Symptoms
Subversion clients receive the following error message when attempting to connect to VisualSVN Server:
svn: OPTIONS of 'https://server.domain.local/svn/repo': SSL handshake failed: SSL error:
Key usage violation in certificate has been detected. (https://server.domain.local)
You may experience the issue if both of the following conditions are met:
VisualSVN Server has a self-signed certificate applied and
Subversion client is built against the GnuTLS library.
Note
GnuTLS library is an alternative to OpenSSL. Most Subversion clients for Windows are built against OpenSSL and are not affected by this issue. While some Subversion packages (available mostly on Linux-based operating systems such as Ubuntu and Debian) are built against GnuTLS and are affected.
Technical background
During the initial setup VisualSVN Server 2.5 generates a self-signed certificate and adds it to the Trusted Root Certification Authorities store on the local machine. To avoid possible security issues, VisualSVN Server makes this self-signed certificate to be valid for server authentication only (by specifying the 'Key Usage' extension). Subversion clients built against GnuTLS don't recognize such certificate and the error occurs.
Workaround
It's not recommended to use a self-signed certificate in a production environment. We advise to use a certificate issued by your domain or a third-party certificate authority instead of a self-signed one.
If you have to use a self-signed certificate please follow the instruction to generate a cerificate without specifying 'Key Usage' extension:
1、Add the following registry value to the Windows registry:
for 32-bit system:
[HKEY_LOCAL_MACHINE\SOFTWARE\VisualSVN\VisualSVN Server]
"CreateGnuTLSCompatibleCertificate"=dword:00000001
for 64-bit system:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\VisualSVN\VisualSVN Server]
"CreateGnuTLSCompatibleCertificate"=dword:00000001
2、Start VisualSVN Server Manager.
3、Go to Action | Properties | Certificate.
4、Click Change certificate... and follow the wizard instructions to generate a new self-signed certificate.
The certificate will be generated without the 'Key Usage' extension and will be compatible both with GnuTLS and OpenSSL.
SSL handshake failed: SSL 错误:在证书中检测到违规的密钥用法。的更多相关文章
- linux下svn不能连接上windows服务器:SSL handshake failed: SSL error
在linux服务器下载https链接的svn源码时出现:SSL handshake failed: SSL error: Key usage violation in certificate has ...
- 解决Linux下Svn检出Windows SVN服务器上项目SSL handshake failed: SSL error: Key usage violation in certificate has been detected.
在Linux上检出windows SVN服务器上项目时出现了SSL handshake failed: SSL error: Key usage violation in certificate ha ...
- 在阿里云linux下使用SVN访问VisualSVN出错:SSL handshake failed: SSL error: Key usage violation in certificate has been detected
Subversion clients receive the following error message when attempting to connect to VisualSVN Serve ...
- CentOS上svn checkout时报错SSL handshake failed: SSL error: Key usage violation in certificate has been det
局域网安装了个SVN在checkout的时候报错 SSL handshake failed: SSL error: Key usage violation in certificate has bee ...
- SSL handshake failed: SSL error: Key usage violation in certificate has been detected.
sudo apt-get install libneon27-dev cd /usr/libsudo mv libneon-gnutls.so.27 libneon-gnutls.so.27.olds ...
- Error on SVN checkout:SSL handshake failed
最近遇到了一个恼火的问题,在Ubuntu上尝试用svn命令checkout一个https的repository时遇到个错误信息: svn: E175002: Unable to connect to ...
- Charles 抓包 Client SSL handshake failed - Remote host closed connection during handshake
Charles 抓包 https 报错: Client SSL handshake failed - Remote host closed connection during handshake # ...
- 使用PHPMailer 中的报错解决 "Connection failed. Error #2: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:"
PHPMailer项目地址:https://github.com/PHPMailer/PHPMailer 项目中用到PHPMailer,使用过程中报错:"Connection failed. ...
- phpmailer发送邮件出现错误:stream_socket_enable_crypto(): SSL operation failed with code 1.
如果开了调试,调试进去会看到错误提示: smtp_code:"stream_socket_enable_crypto(): SSL operation failed with code 1. ...
随机推荐
- Oracle 经典语法(三)
1. 让SELECT TO_CHAR(sal,'L99,999.99') FROM emp WHERE ROWNUM < 5 输出结果的货币单位是¥和$.SELECT TO_CHAR(sal, ...
- 深入理解HTTPS通讯原理
一.HTTPS简介 HTTPS(Hyper Text Transfer Protocol over Secure Socket Layer),简单来讲就是加了安全的HTTP,即HTTP+SSL:我们知 ...
- Linux(CentOS)同步时间
可参考:http://www.ntp.org.cn/ http://www.cnblogs.com/pipelone/archive/2009/06/17/1505002.html 当前已提供的各国N ...
- hdu 3111 DLX解数独
思路:裸的DLX解数独.关键是建图,感觉还不如写个dfs直接,DLX写这个的代码很烦. #include<set> #include<map> #include<cmat ...
- 添加iPhone设备的udid之后,重新生成开发证书(Development)
选择Provisioning profiles-Development-添加 ,如图:
- Web 网页常见问题集锦
1.如何去掉Chrome记住密码后自动填充表单的黄色背景 不知道大家有没有这样的烦恼,在Chrome浏览器中,记住密码后重新填写表单数据时,自动会有黄色背景的出现.(如图a) 图a 而出现这个黄色背景 ...
- 查看Nodejs 占用的端口
查看 Nodejs 占用的端口 ps -ef | grep node强制关闭端口 kill
- 如何下载免费英特尔® 实感™ SDK
英特尔® 实感™ SDK支持的用途包括手/指跟踪.面部分析.语音识别和合成.背景分段.增强现实性等等,给你带来全新的人机交互体验.还不赶紧跟着我们一起免费下载英特尔® 实感™ SDK吧! 1. 输入网 ...
- Java中Properties类的学习总结
学习目标: 1.认识properties文件,理解其含义,会正确创建properties文件. 2.会使用java.util.Properties类来操作properties文件. 一.认识prope ...
- 微软的COM中GUID和UUID、CLSID、IID
摘自:http://blog.csdn.net/zhongguoren666/article/details/6711396 当初微软设计com规范的时候,有两种选择来保证用户的设计的com组件可以全 ...