Hi, David Rees wrote: > Hi, > > I found a good workaround to this problem. Instead of changing SSLProtocol > to "all -SSLv2", you can make your SSLCipherSuite line read: > > SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP > The other way is to recompile openssl 0.9.5 with TLS_ALLOW_EXPERIMENTAL_CIPHERSUITS set to 0 instead of 1 in file ssl/tls1.h... That is the change that was made in 0.9.4->0.9.5 transition that gives us all this problems with IE 5.01... So we were under experiment :) The world EXPERIMENTAL clearly suggests that support for this ciphersuits is incomplete... Can somebody from openssl team comment? Oleg > > Which is the default with the addition of !EXPORT56. I tested on all the > various browsers we had around here, and it seems to work for all browsers. > > Ralf, maybe we can get this in the FAQ or somewhere else easy to find until > the proper software fix is released? This is quite a showstopper for a > large number of people. > > -Dave > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
