[cvsnt] sserver with self-signed certificates

Charles Oram charlesoram at hotmail.com
Mon Mar 13 22:22:06 GMT 2006

Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.

Tony wrote:

>Charles Oram wrote:
>>Is it possible to use CVSNT with sserver with self-signed client 
>>I've set up CVSNT to use sserver (with a Windows 2003 server) and I would 
>>ideally like to be able to use sserver with client certificates, but as 
>>far as I can make out this does not work with self-signed certificates.
>self signed certificates on the client make no sense - you might as well 
>not bother with them if you're going to do that.

What I want is an extra level of authentication of the user by making them 
have to have their private key installed on the computer they are accessing 
CVS from, and making sure that the server only accepts logins from users 
where the server know's the user's public key.
So if I install the user's self-signed certificate on the server, isn't that 
just giving the server the user's public key so that the server can 
authenticate the user? OK, I don't have the full chain of trust that you 
have with signed certificates, but you need more than a username and 
password to login to CVS then.

I take it from your answer that my original assumption was correct, i.e. 
that CVSNT does not allow self-signed certificates? Looking at sserver.cpp 
it seems so.

>>Is there any possibility that future versions of cvsnt might have a 
>>configurable option to allow this?

Fair enough.  guess I could always recompile my own version of 
sserver_protocol.dll if I was desparate to have it work that way.


Become a fitness fanatic @  http://xtramsn.co.nz/health

More information about the cvsnt mailing list
Download the latest CVSNT, TortosieCVS, WinCVS etc. for Windows 8 etc.
@CVSNT on Twitter   CVSNT on Facebook