[cvsnt] sserver setup problems - solved

Chris Purves pchris at aims-bio.com
Thu Jul 5 20:51:33 BST 2007

Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.

On Thu, 05 Jul 2007 13:36:41 -0600, Chris Purves <pchris at aims-bio.com>  
wrote:

> On Thu, 05 Jul 2007 13:04:52 -0600, Chris Purves <pchris at aims-bio.com>
> wrote:
>
>> I have been trying to get the sserver to work with no luck so far.
>> Everything appears to work using pserver.
>>
>> In my PServer file I have:
>>
>> CertificateFile=/etc/cvsnt/ca.pem
>> PrivateKeyFile=/etc/cvsnt/ca.pem
>>
>> However, when I try to login:
>>
>> aimsnet:~# cvs -d :sserver:ChrisPurves at localhost:/cvs login
>> Logging in to :sserver:ChrisPurves at localhost:2401:/cvs
>> CVS Password:
>> SSL connection failed (-1): error:1408F10B:SSL
>> routines:SSL3_GET_RECORD:wrong version number
>> cvs [login aborted]: Connection to server failed
>> aimsnet:~#
>>
>> This seems to be a not uncommon problem; however, I haven't found any
>> solutions yet.
>> I am running CVSNT 2.5.03.2382-3 on Debian.
>>
> I also tried following the instructions at
> http://www.cvsnt.org/wiki/InstallationLinux and created a certificate
> authority then a request and signing the request using the new CA.  I now
> have:
>
> CertificateFile=/etc/cvsnt/cert.pem
> PrivateKeyFile=/etc/cvsnt/key.pem
>
> aimsnet:~# cvsnt -d :sserver:ChrisPurves at localhost:/cvs login
> Logging in to :sserver:ChrisPurves at localhost:2401:/cvs
> CVS Password:
> Server certificate verification failed: unable to get local issuer
> certificate
> aimsnet:~#
>
> A new error...
>
> According to http://www.cvsnt.org/wiki/InstallationLinux "In addition to
> these steps, the /etc/cvsnt/cert.pem file must be made available to the
> clients."
>
> So I try...
>
> aimsnet:~# cvsnt -d
> ":sserver;privatekey=/etc/cvsnt/cert.pem:ChrisPurves at localhost:/cvs"  
> login
> Logging in to :sserver:ChrisPurves at localhost:2401:/cvs
> CVS Password:
> Unable to read/load the client private key (0): error:0906D06C:PEM
> routines:PEM_read_bio:no start line
> cvsnt [login aborted]: Connection to server failed
> aimsnet:~#
>
> Still no luck.
>

Alright, to get sserver to work I did the following:

1. Download source (for Debian from /usr/src/, #apt-get source cvsnt)
2. Find genkey script (for Debian, located in  
/usr/src/cvsnt-2.5.03.2382/contrib)
3. Run genkey (creates cert and key: aimsnet.crt and aimsnet.key in my  
case)
4. Move created cert and key to /etc/cvsnt
5. Update /etc/cvsnt/PServer:

CertificateFile=/etc/cvsnt/aimsnet.crt
PrivateKeyFile=/etc/cvsnt/aimsnet.key

Now I can access cvsnt from local command line or remotely using  
TortoiseCVS.

-- 
Chris Purves

More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook