next up previous contents
Next: Subversion and WebDAV Up: The http:// access schema Previous: Logging of the Subversion   Contents

Subversion Repositories over HTTPS

First, we need a private key and a certificate for the server. The private key is used to encrypt the communication between the server and the clients; the certificate contains the server's identity. They are generated using openssl command. 

# cd /usr/local/www/svn.https
# mkdir certs
# cd certs
# openssl genrsa -des3 -out server.key 1024
# openssl req -new -key server.key -x509 -out server.crt

After we have the keys we have to configure apache. We load the mod_ssl module 

LoadModule ssl_module libexec/apache22/mod_ssl.so

We then use the following directives to set up https: 

SSLEngine On

SSLCertificateFile certs/server.crt
SSLCertificateKeyFile certs/server.key
SSLSessionCache dbm:/usr/local/www/svn.https/ssl/gcache
SSLSessionCacheTimeout 3600
SSLVerifyClient none

Listen 443

And in the Location the points to the Subversion repository we add SSLRequireSSL directive: 

<Location /svn>
  DAV svn
  ...
  SSLRequireSSL
</Location


Ivan Ivanov 2008-04-21