Use this:
SSLProtocol all
BrowserMatch "MSIE" nokeepalive ssl-unclean-shutdown downgrade-1.0
force-response-1.0
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
^^^^^^
Notice that you should have !EXPORT56 configured, !EXP56 does not work.
-Dave
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Tim Gardner
> Sent: Monday, July 09, 2001 11:34 AM
> To: [EMAIL PROTECTED]
> Subject: Use SSL 3.0 checked but not 2.0
>
>
> I am using red hat linux with:
> openssl 0.9.5a 1 Apr 2000
> mod_ssl-2.7.1-3
> mod_perl-1.24-6
> apache-1.3.14-3
>
> In httpd.conf I have cobbled together (without fully understanding)
> the following from suggestions on this list and in the faq:
>
> SSLProtocol all -SSLv3
> SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> downgrade-1.0 force-response-1.0
> SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
>
> Everything seems to be working great EXCEPT that a couple users with
> IE 5.0 have only checked
> Tools:Internet Options:Advanced:Security:Use SSL 3.0 checked
>
> But unless Use SSL 2.0 is also checked, they can't connect to my site.
>
> Is there a way I can modify httpd.conf to allow SSL 3.0 connections
> too without breaking what is already working for everyone else?
>
> Thanks,
> Tim
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
