Hi,
I have a fresh install of OpenSUSE 12.3 (64 bit). I have set up an SVN repository, which I serve using apache over https (for security reasons). Trying to browse the repositories at https://localhost/svn/master/ works perfectly.
However, an SVN checkout (from a clear home directory on the server itself):
svn checkout https://localhost/svn/master/0045_http_lib/
fails with the following error:
svn: E175002: Unable to connect to a repository at URL 'https://localhost/svn/master/0045_http_lib'
svn: E175002: OPTIONS of 'https://localhost/svn/master/0045_http_lib': SSL handshake failed: Secure connection truncated (https://localhost)
I tried to diagnose the problem using openssl. The following command:
openssl s_client -tls1_2 -connect localhost:443
fails with the following error:
CONNECTED(00000003)
139721060136616:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1371737468
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
However, passing -tls1_1 or -tls1 instead of -tls1_2 works fine.
Does anybody know why this happens? Or, if this is a known bug, whether there is a workaround?
Many thanks,
Stefan.
P.S. Note: The same server configuration seeemed to work fine on OpenSUSE 12.2.