osdir.com
mailing list archive F.A.Q. -since 2001!



Subject: Re: SSL Client certificates stored on hardware
devices - msg#00188

List: version-control.subversion.tortoisesvn.user

Mail Archive Navigation:
by Date: Prev Next Date Index by Thread: Prev Next Thread Index

Mads B. Tandrup wrote:
So there is no way to use hardware devices for authentication with openSSL?

As far as I know, no.
Sorry.

Stefan

--
___
oo // \\ "De Chelonian Mobile"
(_,\/ \_/ \ TortoiseSVN
\ \_/_\_/> The coolest Interface to (Sub)Version Control
/_/ \_\ http://tortoisesvn.net

Thread at a glance:

Previous Message by Date:

Re: SSL Client certificates stored on hardware devices

So there is no way to use hardware devices for authentication with openSSL? /Mads ----- Original Message ---- From: Stefan Küng <tortoisesvn-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> To: users-6zjzXkf2FExf8fUKLXF2/HdfcadvtA/q@xxxxxxxxxxxxxxxx Sent: Saturday, 18 November, 2006 7:32:42 PM Subject: Re: SSL Client certificates stored on hardware devices Mads B. Tandrup wrote: > We have setup a system of smart cards used for authentication with > various systems. We would like to use these smart cards with our > Subversion Apache server. When accessing the repository from a > standard Internet browser, we can authenticate using out smart cards. > > But is there a way for TortoiseSVN to authenticate with anything > other than a pkcs12 file? I can't seem to make it use the MS Crypto > API. The 'MS Crypto API' already says it: it's proprietary to Microsoft. It's not available on other OS. That's why Subversion doesn't support this. Also, it would have to be supported/implemented by OpenSSL, not Subversion itself. And even though this feature has been requested many many times, OpenSSL (i.e. the devs of OpenSSL) have refused to implement this for I guess their own reasons. Stefan -- ___ oo // \\ "De Chelonian Mobile" (_,\/ \_/ \ TortoiseSVN \ \_/_\_/> The coolest Interface to (Sub)Version Control /_/ \_\ http://tortoisesvn.net --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe-6zjzXkf2FExf8fUKLXF2/HdfcadvtA/q@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help-6zjzXkf2FExf8fUKLXF2/HdfcadvtA/q@xxxxxxxxxxxxxxxx ___________________________________________________________ All new Yahoo! Mail "The new Interface is stunning in its simplicity and ease of use." - PC Magazine http://uk.docs.yahoo.com/nowyoucan.html

Next Message by Date:

Crash when attempting to get a lock on a binary file

In-Reply-To: <455F515A.7080501-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> References: <455F515A.7080501-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> > If you're using SSPI for authentication, then this is a known bug (and > you're lucky you only get a crash when locking, not all the time). I've Yes, I am using SSPI for authentication. Sounds like that's probably it then - I assume that's the bug you discuss a fix for at http://subversion.tigris.org/servlets/ReadMsg?list=dev&msgNo=121610 Thanks for your time. regards, -- Jon Ashley

Previous Message by Thread:

Re: SSL Client certificates stored on hardware devices

So there is no way to use hardware devices for authentication with openSSL? /Mads ----- Original Message ---- From: Stefan Küng <tortoisesvn-Re5JQEeQqe8AvxtiuMwx3w@xxxxxxxxxxxxxxxx> To: users-6zjzXkf2FExf8fUKLXF2/HdfcadvtA/q@xxxxxxxxxxxxxxxx Sent: Saturday, 18 November, 2006 7:32:42 PM Subject: Re: SSL Client certificates stored on hardware devices Mads B. Tandrup wrote: > We have setup a system of smart cards used for authentication with > various systems. We would like to use these smart cards with our > Subversion Apache server. When accessing the repository from a > standard Internet browser, we can authenticate using out smart cards. > > But is there a way for TortoiseSVN to authenticate with anything > other than a pkcs12 file? I can't seem to make it use the MS Crypto > API. The 'MS Crypto API' already says it: it's proprietary to Microsoft. It's not available on other OS. That's why Subversion doesn't support this. Also, it would have to be supported/implemented by OpenSSL, not Subversion itself. And even though this feature has been requested many many times, OpenSSL (i.e. the devs of OpenSSL) have refused to implement this for I guess their own reasons. Stefan -- ___ oo // \\ "De Chelonian Mobile" (_,\/ \_/ \ TortoiseSVN \ \_/_\_/> The coolest Interface to (Sub)Version Control /_/ \_\ http://tortoisesvn.net --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe-6zjzXkf2FExf8fUKLXF2/HdfcadvtA/q@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help-6zjzXkf2FExf8fUKLXF2/HdfcadvtA/q@xxxxxxxxxxxxxxxx ___________________________________________________________ All new Yahoo! Mail "The new Interface is stunning in its simplicity and ease of use." - PC Magazine http://uk.docs.yahoo.com/nowyoucan.html

Next Message by Thread:

RE: SSL Client certificates stored on hardware devices

> Mads B. Tandrup wrote: > > So there is no way to use hardware devices for authentication with openSSL? > > As far as I know, no. > Sorry. > > Stefan Is it possible to copy the certificate after logon (via logon script) to the user's Documents and Settings directory (using some of the certificate handling code .NET Framework 2.0), and let the subversion config file point to it? I don't know, just thought I'd throw that out there.
blog comments powered by Disqus

Home | News | Sitemap | FAQ | advertise | OSDir is an Inevitable website. GBiz is too!