Recipe for subversion-to-git for rsa (of


Google Code is now Dead Code Walking, it’s time to acquire copies of the necessary sources mastered there.


rsaThe rsa project an implementation of the RSA cryptography algorithm in C++.


$ cd /vault/git/svn/
$ mkdir rsa
$ svnadmin create rsa
$ cat > rsa/hooks/pre-revprop-change <<EOF
exit 0;
$ chmod +x rsa/hooks/pre-revprop-change

$ svnsync init file:///vault/git/svn/
Copied properties for revision 0.
# (just the one line of output)

$ svnsync sync file:///vault/git/svn/ 
# ... lots and lots of output (very slow)
# (very slow)
$ cd /vault/git/clones
$ git svn clone file:///vault/git/svn/ -T trunk -b branches -t tags
Initialized empty Git repository in /vault/git/clones/rsa/.git/
Using higher level of URL: file:///vault/git/svn/ => file:///vault/git/svn/
# (lots of output, very slow)
r70 = ec1f09d6cf45cb09d411cac386b76ade1b5da15d (refs/remotes/trunk)
Checked out HEAD:
  file:///vault/git/svn/ r70

# convert to the bare repository format
$ mv rsa/.git rsa.git
$ rm -rf rsa
$ cd rsa.git
$ git config --bool core.bare true

Also, -s or --stdlayout is the same as -T trunk -b branches -t tags

WATCHOUT – if you use --stdlayouton an inappropriate dubversion URL, then you’ll get an empty cloned git repository.  The case above has the “standard layout” occurring, not at the top level, but rather one level down; e.g. within rsa of file:///vault/git/svn/, for a complete URL of file:///vault/git/svn/


emacs rsa.git/description
touch rsa.git/git-daemon-export-ok


SOLVED: What causes “Oops, no RSA or DSA server certificate found for ‘servername.tld:0′”

tl;dr => the error message has nothing at all to do with the problem and is horrendously misdirective.


  • Disable every single VirtualHost stanza
  • Prove that the server starts with no VirtualHost stanzas at all.
  • Foreach VirtualHoststanza
    • Enable the VirtualHost
    • Restart the server
  • You have identified the VirtualHost stanza containing the problem.


  • That SSLEngine On has been omitted from one or more VirtualHost stanzas.
  • That the ServerName or ServerAlias is incorrect or duplicated with another stanza.


Dates for Phasing out MD5-based signatures and 1024-bit moduli | Mozilla

Mozilla; Dates for Phasing out MD5-based signatures and 1024-bit moduli; last updated 2012-09-12 (as seen 2013-01-21).

  • 2013-12-31 – Mozilla will disable or remove all root certificates with RSA key sizes smaller than 2048 bits.
  • Mozilla’s Root Change Process
  • NIST SP 800-57 Recommendation for Key Management; Part 1 (2012-07), Part 2 (2005-08), Part 3(2009-12).
    • minimum key sizes recited inline
  • SP-800-131 DRAFT Recommendation for the Transitioning of Cryptographic Algorithms and Key Sizes SP-800-131A