Hi!
On Wed, Jan 23, 2002 at 12:45:50PM -0800, jon schatz wrote:
> SetEnv downgrade-1.0
> SetEnv force-response-1.0
>
> inside of the ssl virtualhost container, but they're still being
> ignored, and the errors still show up in the log.
How do you tell they're being ignored? The access log isn't the
place to check that, as it only contains the protocol the browser
initially send in the request, not which protocol was used to
answer the request.
Test this using OpenSSL's s_client:
openssl s_client -quiet -connect server:443 <<EOF
GET / HTTP/1.1
Host: server
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0)
Connection: close
EOF
Output starts with:
HTTP/1.0 200 OK
^^^
Whereas with:
openssl s_client -quiet -connect server:443 <<EOF
GET / HTTP/1.1
Host: server
User-Agent: Mozilla/4.79 [en] (X11; U; SunOS 5.8 sun4u)
Connection: close
EOF
Output starts with:
HTTP/1.1 200 OK
^^^
You see, it's the HTTP _response_ you have to look at, not the
request you see in the access log.
Ciao
Thomas
--
Whom the gods would destroy, they first teach BASIC.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
