RE: One more time -- How do I set up a redirect or error page for < 128-bit connections

[[EMAIL PROTECTED]]

Sorry, but the "Error Document 403 http://www.xxx.com/ssl_error_page.htm" 
directive does not work.

The server does NOT generate a 403 error for a failed SSL connection.  If 
the server does generate a standard error code, then I might be able to 
intercept it and send them to another page.

Here are the messages that show up in the error log:

   mod_ssl: SSL handshake failed (server ssl.xxxxxxx.com)
   OpenSSL: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher

Any other ideas about how I can get this to somehow trigger a redirect to 
my error page.

Thanks,

Jeff



At 01:31 PM 8/4/00 -0400, you wrote:
>I haven't looked too deeply into this, but I assume that by adding the
>directives:
>
>SSLCipherSuite
>SSLRequireSSL
>ErrorDocument 403
>
>at the per-Directory level, you ought to be able to do what you want.
>Tne ErrorDocument lets you specify either a text message or a re-direct URL.
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL PROTECTED]
> > Sent: Thursday, August 03, 2000 5:38 PM
> > To: [EMAIL PROTECTED]
> > Subject: One more time -- How do I set up a redirect or error page for <
> > 128-bit connections
> >
> >
> > I didn't see any replies to this the first time (and I still haven't
> > figured it), so let's try again...
> >
> > I have my server configured to only accept 128-bit+ SSL/TLS connections.
> >
> > How can I configure things to display an error page or do a redirect if a
> > user attempts to connect at a lower encryption level?  I had this working
> > with Apache-SSL by intercepting the "403" error and displaying an error
> > page.  However, I recently switched to mod_ssl and this trick
> > does not work.
> >
> > The examples I have seen show how to set up different levels of
> > encryption
> > for different directories, but this is not what I need.  I need
> > to display
> > an error page for anyone who attempts a low-encryption connection
> > on any page.
> >
> > Thanks,
> >
> > Jeff
> > ______________________________________________________________________
> > Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
> > User Support Mailing List                      [EMAIL PROTECTED]
> > Automated List Manager                            [EMAIL PROTECTED]
> >
>
>______________________________________________________________________
>Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
>User Support Mailing List                      [EMAIL PROTECTED]
>Automated List Manager                            [EMAIL PROTECTED]

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]