|
I am trying to make my server use 128 bit encryption across
the board.. Then what I would like to do is have a subdirectory that accepts, at
the minimum, 40 bit encryption... I would like to force the users
into using 128 bit encryption... But, if they go to this one
directory with a browser that has 40 bit encryption it will allow them
access.....
So far I have tried setting the following options in the
httpd.conf.
SSLCipherSuite HIGH:MEDIUM
<Location /allowed/subdirectory>
SSLRequire %{SSL_CIPHER_USEKEYSIZE} <=
56
</Location>
This doesn't work... I tried accessing it with Netscape
3.0 (40 bit encryption)... It still gains access to it... I turned off the
56/128 bit encryption levels in the security preferences... Any
suggestions?????
- Larry Hoffman
|
