|
»
»
»
SSL Client Certificate Password Issue
|
View:
New views
2 Messages
—
Rating Filter:
Alert me
|
 |
SSL Client Certificate Password Issue
by Jeremy Daggett
::
Rate this Message:
Hi,
I am having an issue with SSL Client Certificates that is a real issue for anyone using the CLI (and anyone using SVN for that matter). The problem that I need to solve is to have SVNKit cache the client cert passphrase so that it does not need to be entered every single time the user executes a command. This is extremely limiting behavior. I have to enter the passphrase for every single execution of a command, or leave it in plain text in a file on the filesystem. I was wondering what the best approach was for storing the "ssl-client-cert-password" somewhere that is not in plaintext as it is in the servers file. The DefaultSVN AuthenticationManager.requestClientAuthentication(...) would be an ideal candidate for doing this, but the password needs to live across executions of the command line executions. I also looked at SVNPasswordCipher, but it looks to only work on Windows. I need support for various flavors of Unix, like Linux and HP-UX... Could you please make some recommendations? Any insight is appreciated! Thanks. ~jeremy |
|
|
Re: SSL Client Certificate Password Issue
by Alexander Kitaev-3
::
Rate this Message:
Hello Jeremy,
I think you may extend DefaultSVNAuthenticationManager and ovveride so, that your custom caching code is used. As an example, take a look at EclipseSVNAuthenticationManager class - it extends default one, but stores all credentials in Eclipse keyring file, including client SSL certificate password (and default authentication manager doesn't do that, because it is not compatible with native Subversion client AFAIK). Alexander Kitaev, TMate Software, http://svnkit.com/ - Java [Sub]Versioning Library! Jeremy Daggett wrote: > Hi, > > I am having an issue with SSL Client Certificates that is a real issue > for anyone using the CLI (and anyone using SVN for that matter). > > The problem that I need to solve is to have SVNKit cache the client cert > passphrase so that it does not need to be entered every single time the > user executes a command. This is extremely limiting behavior. I have to > enter the passphrase for every single execution of a command, or leave > it in plain text in a file on the filesystem. > > I was wondering what the best approach was for storing the > "ssl-client-cert-password" somewhere that is not in plaintext as it is > in the servers file. The DefaultSVN > AuthenticationManager.requestClientAuthentication(...) would be an ideal > candidate for doing this, but the password needs to live across > executions of the command line executions. > > I also looked at SVNPasswordCipher, but it looks to only work on > Windows. I need support for various flavors of Unix, like Linux and HP-UX... > > Could you please make some recommendations? Any insight is appreciated! > Thanks. > > ~jeremy --------------------------------------------------------------------- To unsubscribe, e-mail: svnkit-users-unsubscribe@... For additional commands, e-mail: svnkit-users-help@... |
| Free Forum Powered by Nabble | Forum Help |