How I fixed mod_ssl, AOL, and IE5

[Bryan Field-Elliot]

Software versions: apache-1.3.14-3 mod_ssl-2.7.1-3 RedHat Linux 7.0 on Intel Users with AOL 6.0 (which apparantly uses IE 5.01) were not able to connect to my secure server, at all. Per the mod_ssl FAQ, I had the following options in my httpd.conf file to account for IE bugs:   SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0   However, this didn't fix it. Thanks to a tip from Petri Pietu on this list, as well as info contained in this message: http://marc.theaimsgroup.com/?l=apache-modssl&m=97829845625936&w=2   I tried adding the following additional options to my .conf file: SSLSessionCache dbm:/var/cache/httpd/ssl_cache SSLSessionCacheTimeout  300   My AOL users are all fixed (three independent customers originally complained, and I verified that they are all fixed now). As mentioned in the message referenced above, SSLSessionCache is supposed to only be a performance option, and not affect functionality. I have no idea why putting the cache in place has fixed my AOL users. But there you have it. It would be nice if this were documented in the FAQ, or else if it belies a bug, then added to the hotlist.   Thanks, Bryan