The problem is not in Apache. It is actually in IE itself. So tweaking
httpd.conf will not work. I can't recall the exact certificate version
which causes this problem but I do remember that one of the affected
certificates is a certain one issued by Verisign and the other I think
by another CA.
Is your certificate new? Or was it issued some months back? I guess
the safe thing to do is to ask for another trial certificate and test
that. If that works then I guess you have to upgrade your cert. This
may seem to be a pain because of the extra cost and I am pretty sure
that Verisign will not do it for free because they are *not* the one who
committed the mistake, but I guess this is the only way.
Deds Castillo
Infiniteinfo
http://www.infiniteinfo.com
Jared wrote:
>
> Deds,
>
> Actually, I'm using the 128-bit encryption of IE5. It seems that on the contrary,
> the server works with clients who supports 40-bit encryption as in IE4.0 and
> Netscape. How can I modilfy my httpd.conf so that I could support 128-bit
> encryption?
>
> Thanks.
>
> JARED
>
> -----Original Message-----
> From: Deds Castillo [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, January 31, 2001 9:50 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [plug] IExplorer5 can't connect to SSL Server
>
> This is a bug in IE5 when doing SSL handshakes. Do a "Help->About" and
> look at your encryption settings. I suspect that you may be using
> 40-bit encryption. Try upgrading your IE to 56 or 128 bit and it should
> work fine. On some issued certificates though, I noticed that it barfed
> on 56 bit and not 40/128. This will actually work if you are using
> Microsoft IIS, but since you are using apache then you have to face the
> fact that MS *ed up again.
>
> Deds Castillo
> Infiniteinfo
>
> Jared wrote:
> >
> > Hi.
> >
> > I have setup a web site using mod_ssl/openssl and apache.
> > I can get certificate from the server if I use Netscape and
> > Internet Explorer 4 at the client side. With IExplorer5, I simply
> > get a DNS error. It seems I have a problem with handshake or
> > ciphers or whatever. I looked at the ssl_server_log but I can't get a hint.
> > I checked my settings in IE5 and checked all protocols (SSLv2, SSLv3, PCT, etc.)
> > but still to no avail. Can anyone shed light on this.
> >
> > Thanks.
> >
> > _
> > Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> > To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
>
> _
> Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
>
> _
> Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
> To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
