Hmm, I want to use this for an multi usable web service independent of apache and no restrictions (or so) for the users or user scenarios about openssl usage ...
If the caller has an certificate generated by an not-restricted openssl using whatever he want to to ... how can "I"=web service handle this certificate without getting an "bad record mac" error ? >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of via RT >Sent: Saturday, January 07, 2006 3:22 AM >To: Kämpfe, Christiane >Cc: openssl-dev@openssl.org >Subject: [openssl.org #1204] bug report - 0.9.8 and bad record >mac because of wrong SSL_OP_TLS_BLOCK_PADDING_BUG handling > > >For Subversion, which goes through apache, I found that one workaround >is to disable all SSLv3 ciphers except RC4. My apache config now has: > > SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA > >and subversion appears to work again. > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]