Wednesday, October 29, 2008

Svn problems in Sabayon with https

On the new Sabayon installation (I guess the problem is in Gentoo too, though), I'm getting errors when accessing to an https repository which does not have a valid certificate (of course I trust that site):

svn checkout https://xxx svn: OPTIONS of 'https://xxx': SSL negotiation failed: SSL error: Key usage violation in certificate has been detected. (https://xxx)

I found this post on ubuntu forums which seems to be related to this very same problem: the neon library, which svn uses to access https sites, uses GNU TLS which does not like this kind of certificates (that's may be fine, but at least, I should give the possibility of choosing, shouldn't I?).

In Sabayon it's pretty easy to solve this problem because you can use emerge and use flags to rebuild the binaries as you wish :-)

In particular, you need to rebuild the neon package disabling the gnutls use option. I did this by changing (or adding) in /etc/portage/package.use this line:

net-misc/neon -gnutls

and then I emerged neon and subversion packages.

Hope this helps :-)


Kurt Huwig said...

You have the choice: you explicitly said in your server certificate, that this usage is not allowed and GNU TLS respects this while OpenSSL ignores your requirements.

betto said...

Kurt, could you please expand your suggestion? I'm not sure I understand...