org.apache.subversion.javahl.ClientException: Found invalid algorithm in certificate

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

org.apache.subversion.javahl.ClientException: Found invalid algorithm in certificate

Marc Strapetz-2
One of our users is encountering following exception:

svn: Java exception
svn: Wrapped Java Exception
   at org.apache.subversion.javahl.remote.RemoteFactory.open
   (Native Method)
   at org.apache.subversion.javahl.remote.RemoteFactory.openRemoteSession
   (RemoteFactory.java:228)
   ...
Caused by: org.apache.subversion.javahl.ClientException: Found invalid
algorithm in certificate
Unexpected ASN1 tag
   ...

with Subversion 1.9.7. He writes that command line client works fine for
him. It warns about the certificate not being "issued by a trusted
authority" and then shows the expected "(R)eject, accept (t)emporarily
or accept (p)ermanently?" question.

This happens on Linux.

Any ideas why command line client and JavaHL might behave differently here?

Note that the command line binaries are not identical to the JavaHL
binaries, but both have been compiled from Subversion 1.9.7. Could this
be a problem in our build process?

-Marc







Reply | Threaded
Open this post in threaded view
|

Re: org.apache.subversion.javahl.ClientException: Found invalid algorithm in certificate

Julian Foad-5
Ping! Anyone? (I noticed this message had no response on the list so far.)

Marc, please let us know if you learnt any more about this problem.

Thanks,
- Julian


Marc Strapetz wrote:

> One of our users is encountering following exception:
>
> svn: Java exception
> svn: Wrapped Java Exception
>    at org.apache.subversion.javahl.remote.RemoteFactory.open
>    (Native Method)
>    at org.apache.subversion.javahl.remote.RemoteFactory.openRemoteSession
>    (RemoteFactory.java:228)
>    ...
> Caused by: org.apache.subversion.javahl.ClientException: Found invalid
> algorithm in certificate
> Unexpected ASN1 tag
>    ...
>
> with Subversion 1.9.7. He writes that command line client works fine for
> him. It warns about the certificate not being "issued by a trusted
> authority" and then shows the expected "(R)eject, accept (t)emporarily
> or accept (p)ermanently?" question.
>
> This happens on Linux.
>
> Any ideas why command line client and JavaHL might behave differently here?
>
> Note that the command line binaries are not identical to the JavaHL
> binaries, but both have been compiled from Subversion 1.9.7. Could this
> be a problem in our build process?
>
> -Marc

Reply | Threaded
Open this post in threaded view
|

Re: org.apache.subversion.javahl.ClientException: Found invalid algorithm in certificate

Marc Strapetz-2
> Marc, please let us know if you learnt any more about this problem.

Unfortunately we didn't make progress here since my posting.

-Marc


On 02.01.2018 11:26, Julian Foad wrote:

> Ping! Anyone? (I noticed this message had no response on the list so far.)
>
> Marc, please let us know if you learnt any more about this problem.
>
> Thanks,
> - Julian
>
>
> Marc Strapetz wrote:
>> One of our users is encountering following exception:
>>
>> svn: Java exception
>> svn: Wrapped Java Exception
>>    at org.apache.subversion.javahl.remote.RemoteFactory.open
>>    (Native Method)
>>    at org.apache.subversion.javahl.remote.RemoteFactory.openRemoteSession
>>    (RemoteFactory.java:228)
>>    ...
>> Caused by: org.apache.subversion.javahl.ClientException: Found invalid
>> algorithm in certificate
>> Unexpected ASN1 tag
>>    ...
>>
>> with Subversion 1.9.7. He writes that command line client works fine
>> for him. It warns about the certificate not being "issued by a trusted
>> authority" and then shows the expected "(R)eject, accept (t)emporarily
>> or accept (p)ermanently?" question.
>>
>> This happens on Linux.
>>
>> Any ideas why command line client and JavaHL might behave differently
>> here?
>>
>> Note that the command line binaries are not identical to the JavaHL
>> binaries, but both have been compiled from Subversion 1.9.7. Could
>> this be a problem in our build process?
>>
>> -Marc
>
>
Reply | Threaded
Open this post in threaded view
|

Re: org.apache.subversion.javahl.ClientException: Found invalid algorithm in certificate

Philip Martin
Marc Strapetz <[hidden email]> writes:

>> Marc, please let us know if you learnt any more about this problem.
>
> Unfortunately we didn't make progress here since my posting.

I have just fixed a bug in the JavaHL implementation of SSL trust
prompting, see r1820718.  I don't know if applies in your case, but it
might if the client was attempting to accept the cert failures
temporarily.

--
Philip