Originally created by: christophe.nanteuil@gmail.com
Originally owned by: cmpilato
Hello,
About the Chapter 6, section "SSL certificate management", I think the text
about challenging a client certificate is not clear enough:
I would replace :
When talking to Apache, a Subversion client might also
receive a challenge for a client certificate. Apache is
asking the client to identify itself: is the client really
who it says it is? If all goes correctly, the Subversion
client sends back a private certificate signed by a CA that
Apache trusts. A client certificate is usually stored on
disk in encrypted format, protected by a local password.
When Subversion receives this challenge, it will ask you for
a path to the certificate and the password that
protects it
by (excuse my poor english):
The same way a Subversion client asks the Apache server a server
certificate to authenticate itself, a Subversion client might receive a
challenge from the Apache server. Apache is asking the client to
identify itself: is the client really who it says it is? If all goes
correctly, the Subversion client sends back a public certificate signed
by a CA the Apache server trusts, alongside with a proof that the client
owns the private key associated with the certificate (the challenge
response). The public certificate and the private key are usually stored
in a bag (a <quote>p12</quote> file, which means PKCS#12 format)
on the disk, the bag being protected by a passphrase (normally longer
therefore stronger than a password). When Subversion receives this
challenge, it will ask you for a path to the bag and the
passphrase that protects the private key.
View and moderate all "tickets Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Tickets"
Originally posted by: cmpilato
(No comment was entered for this change.)
Owner: cmpilato
View and moderate all "tickets Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Tickets"
Originally posted by: cmpilato
(No comment was entered for this change.)
Summary: ch06: SSL certificate management explanation
Labels: Milestone-en-1.6
View and moderate all "tickets Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Tickets"
Originally posted by: quinntay...@mac.com
Since I had already submitted some other changes to the SSL section, cmpilato asked me to integrate these improvements. He committed them in rev 3890; I think the new version addresses this issue.
View and moderate all "tickets Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Tickets"
Originally posted by: cmpilato
(No comment was entered for this change.)
Status: Fixed