[EMAIL PROTECTED] schrieb:
>
> In the faq it says you can do a...
> SSLCipherSuite HIGH:MEDIUM
>
> to force high security ciphers, but when I use this and visit my site
> with either netscape v4.51 or IE v4, it says...
> "Netscape and this server cannot communicate securely because
> they have no common encryption algorithm(s)"
This is because your browser can only use weak encryption
(aka export crippled)
Try Communicator->Security Info->Navigator->configure SSLv2
->configure SSLv3
and look what ciphers are listed there
> and I get this in the apache ssl log file...
> OpenSSL: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
>
> I have no problems visiting other sites that have high security forced
> with my browsers. (ex: https://olb.westpac.com.au/default.asp).
This server uses a GlobalID cert that enables High security in your
browser.
>
> s_client seems to work though, when I run
> openssl s_client
>
> New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
This works because s_client is capable of all ciphers.
--
Holger Reif Tel.: +49 361 74707-0
SmartRing GmbH Fax.: +49 361 7470720
Europaplatz 5 [EMAIL PROTECTED]
D-99091 Erfurt WWW.SmartRing.de
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
