On Fri, Apr 21, 2000 at 06:09:51AM +0200, [EMAIL PROTECTED] wrote:
> Full_Name: Chu-Ming Lu
> Version: 2.6.1
> OS: AIX 4.2.1
> Submission from: (NULL) (202.39.253.69)
>
>
> Version:apache_1.3.12+mod_ssl_2.6.1+openssl_0.9.5
> PlatformAIX4.2.1/RS6000/F50
> Use open_ssl make a private_key and a self_signed certificate(1024,md5).
> httpd.conf: SSLCipherSuite
> ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+SSLv3:+EXP:+eNULL
>
> RC4-56 Protected Problem:
> Use NS4.7 Browser(International Version) to view SSL page. The Page Inform shows
> "Security:This is a secure document that uses a medium-grade encryption key
> suited for U.S. export (RC4-56,128 bit with 56 secret).". Why we can not reach
> DES 128 bits protect ? What's wrong with "httpd.conf" or something else ?
Nothing is wrong wrong on the server side - the "export" versions of both NS and
IE are the limiting factor here. The browsers simply doesn't support a higher
level of security unless you have one of the special certificates mentioned in
http://www.modssl.org/source/exp/mod_ssl/pkg.mod_ssl/README.GlobalID
vh
Mads Toftum
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
