I'm trying to use Hudson (which uses SVNKit) to access a Subversion repository that requires a client certificate to access it. I can access the same repository using the same client certificate via Eclipse (also using SVNKit).
When Hudson tries to check out the repository, it fails with:
org.tmatesoft.svn.core.SVNException: svn: Received fatal alert: handshake_failure
Hudson is running under Tomcat, so I turned on ssl debugging in the Tomcat log (-Djavax.net.debug=ssl).
At the end of the handshake I see:
*** ServerHelloDone
Executor #0 for master : executing eMASS integration #3, SEND SSLv3 ALERT: warning, description = no_certificate
I'm not sure if that is the crux of the problem or not.
That follows a list of Cert Authorities. I made sure the server's cert root issuer is imported in my cacerts, as well as the intermediate issuer. I still get the same problem.
Any ideas for what to look at?
The log is on pastebin.
There were several bugs in Hudson's subversion plugin involving dealing with SSL certs and their passwords. Here's the one I reported, which they have fixed: http://issues.hudson-ci.org/browse/HUDSON-5230. So now, it should properly save the cert you upload.
Upgrade to the latest version of Hudson (Hudson ver. 1.342 or later) and also the latest version of the subversion plugin (1.10, available at https://hudson.dev.java.net/servlets/ProjectDocumentView?documentID=147307&showInfo=true). To install this plugin, download the subversion.hpi file, then in Hudson go to Manage Hudson -> Manage Plugins -> Advanced, and upload it. Then you need to restart Hudson.