I see. I can confirm that on my test environment everything is working correctly if I put SSLVerifyClient require at server wide.
So we can solve this by using two addresses for server, one for svn with require and the other for trac. Or we can use a different port for svn. On Fri, Jan 15, 2010 at 8:41 AM, Andreas Jellinghaus <a...@dungeon.inka.de> wrote: > > Am Freitag 15 Januar 2010 06:29:06 schrieb Alon Bar-Lev: > > Why you need renegotiation? I will try to setup apache at my machine. > > because of our configuration. > > server wide: > SSLVerifyClient optional > and in /svn and certain actions only: > SSLVerifyClient require > require valid-user > > that way normal users can access /svn read-only, > which helps e.g. if they are behind a broken > http proxy that breaks svn communication. > > also we don't want to require ssl client certificates > for trac access (e.g. login). > > Regards, Andreas _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
