On Thu, 23 Mar 2000, Jan Dries wrote:
> Jie Gao wrote:
> > [...]
> > On: Apache/1.3.12 (Unix) mod_perl/1.21_03 mod_ssl/2.6.2 OpenSSL/0.9.5
> >
> > The browser just dies with this error on Win 98:
> >
> > The application has performed an illegal operation and will be shutdown.
> > [...]
>
> I've had exactly the same problem for an Apache 1.3.12 / mod_ssl 2.6.2 /
> OpenSSL 0.9.5 running on Win NT 4. I was using the Netscape 4.6 browser,
> either on NT or Linux. And actually, IE 4.0 had the same problem. That
> is, although it didn't crash, it would give an error message and if then
> checked the SSL log, it would have identical displays.
> The problem only occurs when requiring clients to authenticate (having
> specified "SSLVerifyClient require").
> The odd thing was, it did initially work with the NS 4.6 as well as the
> IE 4.0 browser. And one day, for no obvious reason, it just didn't work
> any more. At that point, a downgrade to a previous version of Apache /
> modssl / openssl that had worked fine for quite some time, didn't make
> the problem go away, which made me wonder if the problem could be date
> related.
> I've now upgraded to NS 4.72 and IE 5.0 on Win NT, and the problem has
> gone away. But if I connect to the same configuration from my NS 4.6
> browser on Linux, the browser crashes.
I have done a few more tests:
1. Navigator 3.01 on win98 worked initailly, but it is now a sure kill;
2. Navigator Gold 3.01 on win95, dies invariably;
3. No problem with Mozilla/4.07 [en] (X11; I; SunOS 5.6 sun4m);
4. No problem with Mozilla/4.5 [en] (X11; I; SunOS 5.6 sun4u);
5. No problem with MSIE 5.0 on Win95.
6. Setting SSLPortocol "sslv2" did not help.
I would not really mind if it just happens with Navigator 3.x, as the users
should upgrade anyway; but if this is a problem with NS 4.72 and IE 5.0,
it's going to affect a lot of users.
I suspect this has to do mainly with OpenSSL 0.9.5 which is said to
be a major release?
Jie
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
