problem in deploying the svnwebclient in https protocol

Former SVN Browser
debasis
Posts: 1
Joined: Wed Nov 18, 2009 3:42 pm

problem in deploying the svnwebclient in https protocol

Postby debasis » Wed Nov 18, 2009 3:51 pm

Hi All,
svn web client is working fine with http.but ours is https-url for the subversion.
in the web.xml gave the repository url-https://srv70.agi.com:8443/svn/TAC
i saw from the doc that i need to provide
ProtocolKeyFile - Path to user's certificate file
ProtocolPassPhrase - The password to ssl certificate

But i don't know where can i get user's certificate file and where can i get the password for the ssl certificate.

svn web clint is simply hanging .it is not creating any log for that if something goes wrong abt the path of the protocol key file or password.

any help will be highly appreciable.

Thanks,
Debasis

ChernikovaEkaterina
Posts: 15
Joined: Mon Dec 07, 2009 9:08 pm

Re: problem in deploying the svnwebclient in https protocol

Postby ChernikovaEkaterina » Mon Dec 07, 2009 9:34 pm

Hi Debasis,

configure 'ProtocolKeyFile' parameter in web.xml file.
Here's a snippet of protocol section:

<!-- Protocols support -->
<!--
Path to user's certificate file in SSL or user's ssh private key in SSH
Example: D:/client.p12
-->
<context-param>
<param-name>ProtocolKeyFile</param-name>
<param-value>D:/client.p12</param-value>
</context-param>
<!--
The password to the ssh private key or the password to ssl certificate
Example: svn
-->
<context-param>
<param-name>ProtocolPassPhrase</param-name>
<param-value>svn</param-value>
</context-param>
<!--
The number of the port across which an ssh tunnel is established
Values: valid port number
Example: 22
-->
<context-param>
<param-name>ProtocolPortNumber</param-name>
<param-value>22</param-value>
</context-param>

Best Regards,

Ekaterina Chernikova
Polarion Software Support

schneigu
Posts: 3
Joined: Mon Dec 21, 2009 8:25 pm

Re: problem in deploying the svnwebclient in https protocol

Postby schneigu » Mon Dec 21, 2009 8:35 pm

Hi Ekaterina,

I have exactly same problem. As soon as I change the URL to https, the tomcat5 process is looping during reading the new configuration. It is using whole CPU and is making thousends of IO operations. On the network, there isn't any traffic. Also not to the svn server.

Without https it reads the configuration correctly, but then it cannot connect to the svn server, of course.

Your post, with the parameter example doesn't help much. This is in the web.xml already in.
I tried to provide a key file and the password of it. It is not helping.

From my point of view svnwebclient is looping. But where and why?

Do you have any hint what we can do? How can we switchon more log info, to see where it is looping?

thanks in advance

schneigu
Posts: 3
Joined: Mon Dec 21, 2009 8:25 pm

Re: problem in deploying the svnwebclient in https protocol

Postby schneigu » Mon Dec 21, 2009 8:50 pm

Hi Ekatarina,

this information is already in web.xml.
I tried to supply this. At least the ProtokolKeyFile and the ProtocollPassPhrase. The Port is not clear for me if I use HTTPS. Is it just 433 or what is mean there?

The effect of an HTTPS URL is, the tomcat5 process ist looping during reread of the config.
100% CPU is used, there are thousends of IO's, not traffic to the network. Also not to the SVN server.

Any idea?

schneigu
Posts: 3
Joined: Mon Dec 21, 2009 8:25 pm

Re: problem in deploying the svnwebclient in https protocol

Postby schneigu » Mon Dec 21, 2009 9:39 pm

I have investigated a bit more in this issue:

for me it looks like a software error.
If I use filemon from sysinternals, I see the tomcat5 process looping by reading the ssl-keystore. It is opeing the file, reading some bytes and closing the file. All without an error. And then it is doing it again and again and again. It loops there forever.

please help.

fletch00
Posts: 1
Joined: Wed Jan 06, 2010 6:17 pm

Re: problem in deploying the svnwebclient in https protocol

Postby fletch00 » Wed Jan 06, 2010 6:21 pm

I have the same problem - I specified my private key id_rsa (from ssh-keygen) file path (who knows why it needs this if I am using a login and password?)
If I turn on FINE log level then the errors are revealed (its constantly loading and rejecting the private key)
over and over many times a second:

Jan 6, 2010 10:10:17 AM org.tmatesoft.svn.core.internal.util.DefaultSVNDebugLogger info
FINE: toDerInputStream rejects tag type 45
java.io.IOException: toDerInputStream rejects tag type 45
at sun.security.util.DerValue.toDerInputStream(DerValue.java:796)
at com.sun.net.ssl.internal.ssl.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:1199)
at java.security.KeyStore.load(KeyStore.java:1150)
at org.tmatesoft.svn.core.internal.wc.DefaultSVNSSLManager.loadClientCertificate(DefaultSVNSSLManager.java:298)
at org.tmatesoft.svn.core.internal.wc.DefaultSVNSSLManager.setClientAuthentication(DefaultSVNSSLManager.java:355)
at org.polarion.svncommons.commentscache.authentication.SVNSSLManagerWrapper.setClientAuthentication(SVNSSLManagerWrapper.java:40)
at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.promptSSLClientCertificate(HTTPConnection.java:543)
at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:252)
at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:234)
at org.tmatesoft.svn.core.internal.io.dav.http.HTTPConnection.request(HTTPConnection.java:222)
at org.tmatesoft.svn.core.internal.io.dav.DAVConnection.doPropfind(DAVConnection.java:97)
at org.tmatesoft.svn.core.internal.io.dav.DAVUtil.getProperties(DAVUtil.java:57)
at org.tmatesoft.svn.core.internal.io.dav.DAVUtil.getResourceProperties(DAVUtil.java:62)
at org.tmatesoft.svn.core.internal.io.dav.DAVUtil.getStartingProperties(DAVUtil.java:92)
at org.tmatesoft.svn.core.internal.io.dav.DAVUtil.findStartingProperties(DAVUtil.java:113)
at org.tmatesoft.svn.core.internal.io.dav.DAVUtil.getBaselineProperties(DAVUtil.java:197)
at org.tmatesoft.svn.core.internal.io.dav.DAVUtil.getBaselineInfo(DAVUtil.java:160)
at org.tmatesoft.svn.core.internal.io.dav.DAVConnection.fetchRepositoryRoot(DAVConnection.java:77)
at org.tmatesoft.svn.core.internal.io.dav.DAVRepository.getRepositoryRoot(DAVRepository.java:115)
at org.polarion.svnwebclient.data.javasvn.DataProvider.getID(DataProvider.java:134)
at org.polarion.svnwebclient.web.InitListener.contextInitialized(InitListener.java:77)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3831)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4323)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:823)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:807)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:595)
at org.apache.catalina.core.StandardHostDeployer.install(StandardHostDeployer.java:277)
at org.apache.catalina.core.StandardHost.install(StandardHost.java:832)
at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:625)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:431)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:983)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:349)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1091)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:789)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1083)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:478)
at org.apache.catalina.core.StandardService.start(StandardService.java:480)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:2313)
at org.apache.catalina.startup.Catalina.start(Catalina.java:556)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:287)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:425)
Jan 6, 2010 10:10:17 AM org.tmatesoft.svn.core.internal.util.DefaultSVNDebugLogger info
FINE: toDerInputStream rejects tag type 45
java.io.IOException: toDerInputStream rejects tag type 45

franc
Posts: 14
Joined: Sat Mar 03, 2007 9:57 am

Re: problem in deploying the svnwebclient in https protocol

Postby franc » Mon Sep 27, 2010 11:27 pm

Is there a solution now?
Or is SSL just not working?


Return to “Polarion SVN Web Client”

Who is online

Users browsing this forum: No registered users and 1 guest