François Beaune wrote:
Hey Justin,
Thanks for your answer. I did add the various versions of
the SSLCipherSuite directive to my virtual host container, sorry if
that wasn't clear.
In the meantime I found that, by inspecting the handshake between
TortoiseSVN and Apache, the connection does use RC4, which is good.
Still, I don't understand why this doesn't happen with Firefox (it
always uses AES 256, which shouldn't be allowed, if I
understand things correctly). Any clue?
Did you try running the shell script to verify that the server is
correctly applying the SSLCipherSuite directive and only offering the
ciphers you have allowed?
http://www.lazorsoftware.com/lazorsoft/files/openssl_check.sh
--
Justin Pasher
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
