The problem is more likely that you're using an export-grade browser,
which only support 40-bits secret for US export control reasons.
Assuming you're in the US and have a registered domain name on your
machine, you can download a 128-bit strong-encryption browser from
Netscape or M$. After that, assuming you have all the ciphers turned on
in mod_ssl/OpenSSL, you should see that message change to 128-bit. (PS:
with Netscape, the way to tell the difference in the file you're
downloading is that a file such as cc32e461.exe is export grade, hence
the 'e', while the domestic version would be cc32d461.exe. The latter
is the one you want.)
Hope this helps,
Cliff
Cliff Woolley
Central Systems Software Administrator
Washington and Lee University
http://www.wlu.edu/~jwoolley/
Work: (540) 463-8089
Pager: (540) 462-3472
>>> Charles Tassell <[EMAIL PROTECTED]> 08/13/99 12:49PM >>>
I have a question about 128 bit certificates: How do I tell if I have
one?
I just looked at the Netscape "Page Info" of a site I connected to via
https, and it said :
Security: This is a secure document that uses a medium-grade encryption
key
suited for U.S. export (RC4-40, 128 bit with 40 secret).
Does this mean I only have a 40-bit key, or a 128 bit key? The "128
bit"
part would make me believe I was nice and secure, but that "40 secret"
kind
of scares me. If we have to spend another $600 Canadian to replace a
bad
cert request, my boss is going to be pi$$ed at me. ;-)
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
