Amazing... this also fixed another frustrating problem I had been having,
which I thought was a programming error. In a web site which uses SSL
inside frames (of course I needed to reload the entire frameset in SSL to
get the padlock to appear on broswers), I had been getting a message "the
page you are about to load contains both secure and insecure items... do
you want to continue" upon clicking Submit on IE5. Everything works
perfectly now. Thanks! Seems like this ought to be in the default
configuration file with mod_ssl, even though the problem is Microsoft's
fault. (Hard to explain that to all your users ;-)
Jamie
At 01:09 PM 5/4/00 -0500, Albert Steiner wrote:
> >From the FAQ
>
>When I connect via HTTPS to an Apache+mod_ssl server
> with Microsoft Internet Explorer (MSIE) I sometimes get
> I/O errors and the message "bad data from the server".
> What's the reason? [L]
>
> The reason is that MSIE's SSL implementation has some
> subtle bugs related to the HTTP
> keep-alive facility and the SSL close notify alerts on
> socket connection close. You've to
> work-around this by forcing Apache+mod_ssl to not use
> keep-alive connections and not sending
> the SSL close notify messages to MSIE clients. This can
> be done by using the following directive
> in your SSL-aware virtual host section:
>
> SetEnvIf User-Agent ".*MSIE.*" nokeepalive
> ssl-unclean-shutdown
>
> At 10:18 AM 5/4/00 -0400, James Treworgy wrote:
> >I am running apache 1.3.12 + mod_ssl 2.6.4 (openssl 0.9.5a) + mod_php
> >3.0.16 on RH Linux 6.0, though this problem has occurred in previous
> >versions of the software (e.g. 1.3.9 + prev. mod_ssl). mod_ssl is
> >installed as a dso.
> >
> >A user clicks a "submit" button on a form, or even a link, on an insecure
> >page which loads a secure page. In my testing, occasionally the first time
> >you click the button it will come up with a server error e.g. "can't find
> >page". Clicking the back arrow and clicking the button again always works,
> >and the problem will not recur in that session, but of course most users
> >won't figure this out! I generally use IE5 which is where this error has
> >been happening, I haven't been able to reproduce it yet in Netscape. The
> >action of the URL is a complete url (e.g. "https://xxx.xxx.xxx/x.php3")
> >which happens to be a different domain -- but same physical server - than
> >the referring page, though I can't imagine that this could be related.
> >
> >Any ideas? My gut tells me that the server hangs for a sec when first
> >starting a secure session and for some reason. (My server hosts a few
> >fairly low traffic web sites). I thought installing it as a DSO might help
> >but it still happens. I can't seem to create a specific circumstance under
> >which it will happen - e.g. if I restart httpd it won't do it the first
> >time I hit the site, it just happenssometimes.
> >
> >James Treworgy
> >[EMAIL PROTECTED]
> >
> >______________________________________________________________________
> >Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> >User Support Mailing List [EMAIL PROTECTED]
> >Automated List Manager [EMAIL PROTECTED]
> >
>--------------
>Albert Steiner Coordinator Distributed Computing
>Technology Support Services
>N O R T H W E S T E R N U N I V E R S I T Y
>1603 Orrington Suite #1400, Evanston, IL 60201-5064
>[EMAIL PROTECTED] Phone 847-491-4056 FAX 847-467-7732
>______________________________________________________________________
>Apache Interface to OpenSSL (mod_ssl) www.modssl.org
>User Support Mailing List [EMAIL PROTECTED]
>Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
