I don't have the time to investigate this fully in the context of SSL but from a
general understanding of how apache combines nested directives like this, I think you
might need to change the order of the Location containers. The rules for combining
directives are a bit complicated and (I have to say) not entirely well-documented. I
think you need to consider the line in sections.html document (look for a link in docs
from the doc):
"... each group is processed in the order that they appear in the configuration files
..."
This would imply that apache loads the rule for /upgrade.html then overrides it with
the rule for /. I am assuming here that "order" refers to the order in which apache
reads data from the config during startup and not the order in which applies
directives to incoming requests...
Confused? Me too...
Rgds,
Owen Boyle
>-Original Message-
>From: Jeroen Vriesman [mailto:[EMAIL PROTECTED]]
>Sent: Montag, 19. August 2002 12:28
>To: [EMAIL PROTECTED]
>Subject: redirecting users part 2
>
>
>Hi,
>
>I'm trying to redirect users who don't have enough encryption
>capabilities for 128 bit (see previous mail).
>
>I've tried the following (but it doesn't work):
>
>
>Add upgrade.html (the text users with old browsers are
>supposed to get) to index:
>
>DirectoryIndex index.html index.htm Index.html Index.htm
>INDEX.HTML INDEX.HTM upgrade.html
>
>
>Initiallay allow all strengths:
>
>SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+SSLv2:+EXP:+eNULL
>
>And then:
>
>
>SSLRequire %{SSL_CIPHER_USEKEYSIZE} < 128
>
>
>
>SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
>
>
>But it doesn't work, any idea why it doesn't work?
>
>Cheers,
>Jeroen.
>__
>Apache Interface to OpenSSL (mod_ssl) www.modssl.org
>User Support Mailing List [EMAIL PROTECTED]
>Automated List Manager[EMAIL PROTECTED]
>
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]