[cvsnt] CVSNT and SSL: Somebody clear the air
Tony Hoyle
tmh at nodomain.org
Mon Nov 10 16:22:02 GMT 2003
On Mon, 10 Nov 2003 07:47:44 -0800, "Woellert, Kirk D."
<kirk.woellert at ngc.com> wrote:
>Ok, after weeks looking through docs, message boards and the far corners of
>the internet, somebody answer these questions in a straightforward manner at
>a level that a 6th grader can understand:
>
>Q: Does CVSNT support SSL remote connections?
Yes, via sserver.
>Q: If CVSNT supports SSL how do you install it/configure it?
The installer does it automatically if sserver is enabled.
>Q: The docs seem to imply that CVSNT supports SSL, and in the Windows
>Control panel, in the CVSNT config dialog, there are settings for the paths
>to "SSL" certificates. Are these enough to peform basic SSL authentication?
Yes.
>Q: IIS 6 Resource Kit comes with a free a SSL certificate. Can/Should this
>certificiate be used in place of the one apparently installed with CVSNT?
No idea. I haven't got IIS6. If you want to use it 'properly' you
need a proper certificate from a CA, such as cacert (or verisign if
you're rich) - you can then use strict checking on the clients to help
security. The default cert works just fine against passive attacks
though.
>Q: Does the WinCVS GUI client support SSL connections?
No.
>Q: If WinCVS does not support SSL connections, is there a GUI that does?
AFAIK no.
Tony
More information about the cvsnt
mailing list