A little more information from my recent experience. The FAQ pretty much says it all. http://www.modssl.org/docs/2.8/ssl_faq.html#ToC49
One particular client experienced this problem against one of our servers but not another. Apache 1.3.12, modssl: 2.6.2-1.3.12. The primary difference between the servers is the URL and the key. The httpd.conf files differ in 6 lines, all related to the server name, URL and filename for the crt and key. The other difference is that they use a different image server. The failing site's image server used the same apache/modssl configuration with modperl disabled. Do not have access to image server for the site that worked. The SSL failure would occur in both the base server and the image server. The failing client was Windows NT 4 Server: IE 4.72.3110.8 Cipher Strength 40-bit Update Versions: ;SP1; Product ID: 71929-932-2000023-12347 After critical updates were installed went to and still failed; IE 4.72.3110.8 Cipher Strength 40-bit Update Versions: ;SP1;q240308;q231452 After SP6a/128 bit was installed went to and worked fine: IE 4.72.3110.8 Cipher Strength 128-bit Update Versions: ;SP1;q240308;q231452 Note that I did not install any updates specifically to Internet Explorer in this process, just Windows NT server. If I stumble across another client that fails, I'll play around with the keys on the server to see if that affects the problem. The error was : [13/Dec/2001 10:18:53 06874] [info] Connection to child 0 established (server xxxxxxxxxxxxxxxxx:443, client xx.xx.xx.xx) [13/Dec/2001 10:18:53 06874] [info] Seeding PRNG with 1160 bytes of entropy [13/Dec/2001 10:18:53 06877] [error] SSL handshake interrupted by system [Hint: Stop button pressed in browser?!] (System error follows) [13/Dec/2001 10:18:53 06877] [error] System: Connection reset by peer (errno: 131) [13/Dec/2001 10:18:53 06874] [info] Connection: Client IP: xx.xx.xx.xx, Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits) ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
