On Mon, 14 Jun 1999, Ralf S. Engelschall wrote:
> On Mon, Jun 14, 1999, Jeffrey Burgoyne wrote:
>
> > We are considering moving from Stronghold to mod_ssl. Several months ago I
> > built a mod_ssl based system and had no problems. Now this should be a
> > simple one to figure out, but ...
> >
> > Platform : Linux RedHat 6.0
> > Software : Apache 1.3.6, openssl 9.03a, modssl 2.3.1-1.3.6
> >
> > Everything builds fine and starts fine. I used opensll with s_client to
> > ensure that the web server was speaking ssl fine :
> > s_client -connect 142.53.8.26:443 -ssl3 -state -debug
> > and everything went fine.
> >
> > Then when I try to connect from the browser (Netscape 4.04 Linux or
> > Netscape 4.06 on Windows NT) I get :
> >
> > Netscape and this server cannot communicate securely because they have no
> > common encryption algorithims.
> >
> > I expect its something quite simple and likely contained at the moddssl
> > site, but cannot fiind it. As well, the support link on the mod_ssl main
> > page won't display on the linux browser at all, and if I reload it hangs
> > the browser.
>
> Check your SSLCipherSuite directive, please. I guess it's configured to not
> contain RSA ciphers. Additionally you look at the debugging output of
> "s_client". It shows you which cipher here was choosen. I think it wasn't a
> RSA-based one. The background is just that Netscape only supports RSA-based
> ciphers.
I thought this as well and changed theCipher Suite to ensure it was RSA,
but to no avail. I'll check the debugging output from s_client, but I seem
to rememebr it negotiated an RSA cipher.
Jeff
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
