On Wed, 17 Nov 1999, james wrote:
> I want to force only https to certain directories,
> so following the example in Chapter 5 [last example],
> <Directory /usr/local/apache/htdocs/secure>
> RewriteEngine on
> RewriteCond %{HTTPS} !=on
> RewriteRule .* - [forbidden]
> </Directory>
>
> still allows both http and https.
I am experiencing a (somehow, possibly) related
problem. I cannot make the following work
<Directory /blah1>
SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
</Directory>
However, this *does* work:
<Directory /blah2>
SSLRequire %{SSL_CIPHER} !~ m/^(EXP|NULL)-/
</Directory>
Using some CGIs at the proper locations I was
able to verify the environment.
SSL_CIPHER_USEKEYSIZE *is* 40 when I am using an
export browser! Still, not "forbidden".
Setup:
Apache-1.3.9 + mod_ssl-2.4.8-1.3.9/OpenSSL-0.9.4 + php-3.0.12
Ideas?
Thanks,
Stefan
--
Let the Wookie win!
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
