Hi Louis,
It may be the troublesome 56bit cypher itself, try adding !EXPORT56
to your SSLCipherSuite, have a look at the faq
http://www.modssl.org/docs/2.8/ssl_faq.html#io-ie
Although that does not explain the IE6 problem, unless that's a red
herring.
Mikey
Louis Sabet <[EMAIL PROTECTED]> on 21/06/2002 14:31:41
Please respond to [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc:
Subject: 56-bit/128-bit IE problems
Hi all,
Encryption isn't a strong point for me unfortunately...
We have a website at http://www.mobiles.co.uk, which as part of the
ordering process connects to our Apache 1.3.22/mod_ssl RedHat machine,
and speaks SSL (the point at which it changes to
https://secure.mobiles.co.uk ).
We have had a few complaints from customers that they have been unable
to connect to the secure parts of our sites. Having ruled out
connectivity issues, and done some VMWare testing at home, I concluded
that the affected versions were (I think) all versions of IE with cypher
strengths of 56-bits. As soon as I patched the virtual machines with the
high-encryption pack, they sprung into life.
So my question really is this: Do I need to look for a problem in the
httpd.conf of our server, do I look for a problem with the
certificate/intermediate certificate, or do I just give up, and just
live with the fact that half our customers can't connect to our site?
I had originally assumed this was to do with a bug in early
implementations of IE5, but since then we have had reports of the same
behaviour in IE6 (which initially comes in 56-bit flavour under win2k
unless patched).
I have had no help from verisign, other than the usual confused
gibberings I have come to expect from them, so I hoped someone out there
might have a clue I can carry on with?
Thanks,
L
--
Louis Sabet <[EMAIL PROTECTED]>
http://www.webtedium.com/
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
All telephone calls are recorded and may be monitored.
E-mail communication is not secure and may be intercepted
by a third party. This message is confidential to the intended addressee.
If you are not the intended addressee, please inform us immediately and then
delete this message. Virgin One account does not accept responsibility for
changes made to this message after it was sent. Although Virgin One account
believes this e-mail is free of any virus or other defect which may affect a
computer, it is the responsibility of the recipient to ensure that it is
virus free and Virgin One account does not accept any responsibility for any
loss or damage arising from its use.
The Virgin One account is a secured personal bank account with The Royal Bank
of Scotland plc administered by Virgin Direct Personal Finance Ltd. It is an
Introducer representative only of Virgin Money Personal Financial Service Ltd,
which is authorised by the Financial Services Authority for life insurance,
pension and unit trust business and represents only the Virgin Money marketing
group.
Registered office: Waterhouse Square, 138-142 Holborn, London EC1N 2TH, UK.
Registered in England no 3414708.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
