SVN - parse tlsext Work-Around
UPDATE (Apr 2, 2010): Version 2.2.15 does seem to have fixed this issue - I'd recommend upgrading if possible.
It took me so long to find the solution to this problem that I just had to share... Ever since last August, after upgrading Apache HTTPD from version 2.2.11 to version 2.2.13 I have had a nagging issue with my Subversion server and "parse tlsext" errors during large commits and other SVN operations (it seems I skipped version 2.2.12 for no apparent reason, but that version had the problem too).
SSL negotiation failed: SSL error: parse tlsext
According to comments on this page, "This issue is most propably because of using multiple SSL enabled VirtualHosts in Apache httpd 2.2.12 - 2.2.14 and OpenSSL 0.9.8f - 0.9.8l". They do link to a mod_ssl patch which they claim works. I did not try the patch myself, though - my SVN server is on Windows and I am not about to start building Apache on Windows, I will wait for the binaries to come! The patch is from November, so hopefully it will make its way into 2.2.15, whenever it is released.
Work Around:
After a bit of Googling I found several forum/mailing-list posts which pointed to disabling Transport Layer Security (TLS) Extensions by adding the following to the VirtualHost entry in httpd-ssl.conf file
SSLProtocol -ALL +SSLv3
The critical part I had been missing was that this needs to be added to EACH VirtualHost using SSL on the same port. Since I have multiple named VirtualHosts running on port 443, even though I had disabled TLS for the affected VirtualHost, TLS was still enabled on the port. Once I applied this to all VirtualHosts on port 443 everything worked as it should.
Hope it helps someone...
Export this post to PDF document
