Re: Need help tracking down problem accessing IETF Subversion repository

Hi,

Yoav's tcpdump analysis, together with Martin's observations, helped
me find the problem at the server end.  I've changed the config now
(addding a missing 'NameVirtualHost *:443' to Apache's config), and
Stuart's example now works for me on OS X Snow Leopard and Lion:

  svn info https://svn.tools.ietf.org/svn/wg/hybi

(The box running Lion isn't happy with the certificate, though, even
if all other means of verification I have tells me it's OK.)

Thanks and best regards,

        Henrik

On 2011-09-26 22:11 Yoav Nir said:

The client sends a SNI extension with the name "svn.tools.ietf.org".
For some reason the server does not recognize the name. This is
particularly puzzling because the CommonName in the server
certificate is "*.tools.ietf.org", which is usually considered a
match. The server sends a warning-level "unrecognized name" alert,
and the client breaks the connection.

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

RE: 240/4 unreservation (was RE: Last Call: <draft-weil-shared-transition-space-request-03.txt> (IANA Reserved IPv4 Prefix for Shared Transition Space) to Informational RFC), George, Wes

Next by Date:

RE: [BEHAVE] Last Call: <draft-ietf-behave-v4v6-bih-06.txt> (Dual Stack Hosts Using "Bump-in-the-Host" (BIH)) to Proposed Standard, Dan Wing

Previous by Thread:

Re: Need help tracking down problem accessing IETF Subversionrepository on Mac OS X, t.petch

Next by Thread:

Re: Need help tracking down problem accessing IETF Subversion repository on Mac OS X, Stuart Cheshire

Indexes:

[Date] [Thread] [Top] [All Lists]