Hi,
If I use an IE 5.01 browser in order to connect to an openssl based server I
need to disable the RC4-MD5 cipher on the server (use: DEFAULT:!RC4-MD5)
in order to get things work properly.
If I don't do this, I get a "page cannot be displayed" error message on the
browser.
In this configuration I use a verisign or Thawte certificate on the server.
When I use a certificate which was generated and signed by another self
signed root certificate which is also generated and signed by the openssl
utility,
after installing the root certificate on the browser I can connect without
disabling the RC4-MD5 cipher.
My question is what the connection between the IE 5.01 bug and the
certificate installed on the server ?
Can I get a commercial certificate (with it's root ca already installed on
all the common browser, e.g Verisign) that will work with IE 5.01 without
disabling RC4-MD5 ?
I have a problem disabling this cipher because this makes problems for
Netscape browsers.
Itai.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
