CentOS8下svn: E170013 和 svn: E120171 问题

CentOS8下svn: E170013 和 svn: E120171 问题

无法使用svn获取代码

错误消息

svn co https://IP/svn/project/trunk/code/module/modulename modulename
svn: E170013: Unable to connect to a repository at URL ‘https://IP/svn/project/trunk/code/module/modulename’
svn: E120171: 执行上下文错误: An error occurred during SSL communication

原因

客户端SSL版本比较高， 服务端SSL版本太低

临时解决方法

降低客户端最低允许的TLS版本

1. 找到配置文件
   ·

# openssl version -d
 OPENSSLDIR: "/etc/pki/tls"
# grep include /etc/pki/tls/openssl.cnf
# Note that you can include other files from the main configuration
# file using the .include directive.
#.include filename
.include /etc/crypto-policies/back-ends/opensslcnf.config
# PKIX recommendations harmless if included in all certificates.
# PKIX recommendations harmless if included in all certificates.
certs           = $dir/cacert.pem       # Certificate chain to include in reply
tsa_name                = yes   # Must the TSA name be included in the reply?
ess_cert_id_chain       = no    # Must the ESS cert id chain be included?

2. 修改配置文件opensslcnf.config
   /etc/crypto-policies/back-ends/opensslcnf.config
   将MinProtocol设置成TLSv1.0
   SECLEVEL变更为1（2也有可能无问题）

CipherString = @SECLEVEL=1:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:-aDSS:-3DES:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8
Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256
MinProtocol = TLSv1.0
MaxProtocol = TLSv1.3
SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_rsae_sha256:rsa_pss_pss_sha384:rsa_pss_rsae_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:ECDSA+SHA1:RSA+SHA1