I am using red hat linux with:
openssl 0.9.5a 1 Apr 2000
mod_ssl-2.7.1-3
mod_perl-1.24-6
apache-1.3.14-3
In httpd.conf I have cobbled together (without fully understanding)
the following from suggestions on this list and in the faq:
SSLProtocol all -SSLv3
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
Everything seems to be working great EXCEPT that a couple users with
IE 5.0 have only checked
Tools:Internet Options:Advanced:Security:Use SSL 3.0 checked
But unless Use SSL 2.0 is also checked, they can't connect to my site.
Is there a way I can modify httpd.conf to allow SSL 3.0 connections
too without breaking what is already working for everyone else?
Thanks,
Tim
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
