Hello,
I have recently set up Apache 1.3.9 with mod_ssl 2.4.10. All that
worked great and I am able to connect to the encrypted site through my
browser etc etc.
I do not want to use certificates. It is my understanding that in order
to run an encrypted site without certificates, it is necessary to use
Diffie-Hellman key exchange. I have done this (make certificate,
specifying 'D' at the first prompt), and I have changed my
SSLCipherSuite directive to the following in order to allow
Diffie-Hellman ciphers (I think!)
SSLCipherSuite ALL:!RSA:DH:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP
Neither Netscape 4.7 nor IE5 can connect to the web server under these
conditions, although both claim to support SSLv3 (which Diffie-Hellman
is a part of, I believe). I know it's possible to run a secure web
server without certificates as I have been to numerous sites which do
so.
Can anyone tell me what I'm doing wrong here?
Thanks in advance,
John Easton
Back Office Team,
NrG Information Services Inc.
Calgary, Alberta
(403)974-1318
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
