Bit off topic this, but I thought I'd ask anyway...

I've been implementing a financial reporting system, in PHP, which will be 
running on the internet.

Obviously, therefore, security is an issue. The system itself implements a 
username/password login system, but I want to be able to run it using SSL 
for obvious reasons.

My problem is this: The server we have (Red Hat 7.0, Apache 1.3.14-3, 
open-ssl 0.9.5a-14, mod_ssl 2.7.1-3) came with ssl preconfigured and ready 
to use. It runs at 128 bit encryption which is fine as far as I'm 

The people who will be using the system, however, have a company standard 
browser which is IE 4 and only supports 40 bit encryption. And for various 
political reasons they don't want to upgrade all the browsers. So what I 
want to know is how easy it is to "turn down" the encryption level, and how 
to go about it.

Any suggestions, pointers??? All the documentation I've come across thus 
far doesn't really cover anything like this....


Richard Black
Systems Programmer, DataVisibility Ltd - http://www.datavisibility.com
Tel: 0141 435 3504

PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to