Brendon,
I'm going to take a couple of guesses here, so don't shoot me if you've checked these already... ;->
I noticed below that you are using the SSLCertificateChainFile directive. This leads me to believe that you are using a Verisign cert. Do you know if you are using the Verisign 'Global' ID cert? (i.e. Server Gated Cryptograpy (SGC))?
If you are, you must ensure that your fully qualified domain name matches the name in the certificate EXACTALLY! (I don't know if putting the port number after the domain name matters or not....).
I had the same problem when we went from the testing certificate (i.e. SnakeOil) to the cert from Verisign. Only IE stopped working. Apparently, they do some additional checking in the case of a SGC cert. So, as opposed to presenting a dialog asking if you still want to continue, they just shut down the connection.
Netscape continued to work as expected.
I'd recommend switching back to a SnakeOil cert to see if it can be this or not.
- Bob
> -----Original Message-----
> From: Brendon Maragia [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, November 15, 2000 4:16 AM
> To: [EMAIL PROTECTED]
> Subject: somebody shoot me, please
>
>
> First i'd like to thank everyone for their advice about my
> MOD_SSL + MSIE5.x
> problem. I recompiled everything WITHOUT rsaref-2.0 and I
> still cannot get
> a connection with MSIE5.5 only MSIE4.0 & 5.0. Heres a quick
> run down of
> what i'm running and the virtual host i'm trying to connect to...
>
> apache_1.3.14
> mod_ssl-2.7.1-1.3.14
> openssl-0.9.6
>
> My Virtual Host:
>
> <VirtualHost 216.186.181.230:443>
> DocumentRoot /home/commaflex/public_html/checkout
> ServerAdmin [EMAIL PROTECTED]
> ServerName checkout.commaflex.com
> ErrorLog /home/commaflex/public_html/checkout/.error.log
> TransferLog /home/commaflex/public_html/checkout/.transfer.log
> SSLEngine on
>
> SSLCertificateFile
> /usr/local/ssl.keys/checkout.commaflex.com/ssl.csr/server.crt
>
> SSLCertificateKeyFile
> /usr/local/ssl.keys/checkout.commaflex.com/ssl.key/server.key
>
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
> SSLCertificateChainFile
> /usr/local/ssl.keys/checkout.commaflex.com/ssl.crt/ca.crt
>
> <Files ~ "\.(cgi|shtml)$">
> SSLOptions +StdEnvVars
> </Files>
> <Directory "/usr/local/apache/htdocs/cgi-bin">
> SSLOptions +StdEnvVars
> </Directory>
>
> SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> downgrade-1.0 force-response-1.0
>
> CustomLog /var/log/apache_ssl_request_log \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> SSLLogLevel debug
> </VirtualHost>
>
> ...I've checked all my logs upon trying to connect with
> MSIE5.0 and the
> server seems to execute a standard hand shake, and then
> gracefully execute a
> standard shutdown with no complaints.
>
> All I get from MSIE5.x is "Page Could Not Be Displayed".
> Could someone
> pleassee pleaseee help :)
>
> Brendon
> ______________________________________________________________
> ___________
> Get Your Private, Free E-mail from MSN Hotmail at
http://www.hotmail.com.
Share information about yourself, create your own public profile at
http://profiles.msn.com.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
