We have had connection problems (I/O errors) and file upload problems with
the Microsoft IE Browser and Apache mod_SSL on a Windows NT platform.
Specifically, receiving an intermittent number of "The page cannot be
displayed" along with "Cannot find server or DNS error" messages. We do not
receive these messages with the Netscape browser. We had to do the
following to resolve our issues:
1. Remove the "nokeepalive" entry from the 'SetEnvIf User-Agent ".*MSIE.*"
nokeepalive ssl-unclean-shutdown' line in the http.conf file.
2. We also had connection problems when uploading files with the IE browser
to our Apache HTTP Server website with SSL enabled. We received the same
messages I mentioned above. We use Apache as bundled with the Oracle9i
Application Server. We had to apply a patch to the ApacheModuleSS.dll that
we obtained from Oracle.
Carol Kuczborski
EDS - Enabling Business Solutions
MS A6N-B47
13600 EDS Drive
Herndon, VA 20171
* phone: +01-703-742-1025 (8-432)
* mailto:[EMAIL PROTECTED]
www.eds.com
-----Original Message-----
From: Nick Temple [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 18, 2001 6:26 PM
To: [EMAIL PROTECTED]
Subject: Browser Problems
Hi --
My question is: what is the most stable version of Apache / mod_ssl/
OpenSSL and configuration options, stable in this case meaning allowing the
widest group of the most common browsers to connect (AOL, IE, Netscape,
Opera), on the most widely used OS's to connect? (WIN, Macs, Linux,
Solaris). Trading Netscape compatibility (SSL -v3) for Mac/IE compatibility
isn't really an option.
I'm pretty sure I've scoured the appropriate FAQ's and archives, though I
could have missed something.
I have been having many reports of connection errors with various browsers
(we are in the process of compiling a complete list). I am currently
running a stock Red Hat install (7.0, I'm pretty sure). Relevent info is:
'SERVER_SOFTWARE' => 'Apache/1.3.12 (Unix) (Red Hat/Linux) mod_ssl/2.6.6
OpenSSL/0.9.5a mod_perl/1.24',
httpd.conf:
SSLEngine on
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLOptions +StdEnvVars
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [1-4]" nokeepalive ssl-unclean-shutdown downgrade-1.0
force-response-1.0
BrowserMatch "MSIE [5-9]" ssl-unclean-shutdown
We are using a Thawte wildcard cert (*.commercestore.com), if that makes any
difference.
Our store caters to end users, so this really needs to be as
cross-compatible as possible.
Thanks,
Nick
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
