On Wed, Apr 07, 2010, Florent Georges wrote: > Hi, > > I am using openssl from within neon, itself used from within > Subversion. During an svnsync, I receive the following error > message: > > svnsync: PROPFIND of '/svn/xxx': SSL negotiation failed: SSL > error: parse tlsext (https://xxx.org) > > If I am right, this message comes from openssl. Is it really > an error reported by openssl? If it is, is there anything I can > do to either solve the problem or at least get more informations > about the context of the error? > > I am ready to compile myself the source packages if needed (and > actually I did to be sure the TLS extensions where enabled during > the build process, but still getting this error). I am under Mac > OS X Snow Leopard. >
That looks like it is only part of the actual error code. I suspect it is because the server doesn't support secure renegotiation. You can check this by doing: openssl s_client -connect xxx.org:443 and it should say if secure renegotiation is supported in the output. If it isn't supported the best fix is to upgrade the version of OpenSSL on the server. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
