What versions of IE (4.0, 5.0 5.01, 5.5?) and security levels (40-bit,
56-bit, 128bit?) are affected besides 5.5? All of them? What version of
mod_ssl and openssl are you running?
Are you also runing the line:
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
in your virtual host in addition to your
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
line? Those two lines are now default in the latest release of mod_ssl.
If it's just MSIE 5.5, I can load up an NT machine here with 5.5 to test on
my server to see if it works here.
Does it work with Netscape? What versions?
What's your SSLLogLevel set to? Have you tried setting it higher and
looking in the ssl_engine_log?
Sorry, a lot of questions, but there's a lot of variables here.
-Dave
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Jeff Gelina
> Sent: Friday, July 14, 2000 4:49 PM
> To: [EMAIL PROTECTED]
> Subject: Re: msie AGAIN
>
>
> If anyone is out there, like the creater of modssl you may find this
> interesting......
>
> I do not think that this is an ie problem.... I am running IE
> 5.5 (as well
> as many other versions of ie) and they all access my linux server
> running my
> ssl mail server just fine. I have read and reread and reread the faq and
> comebed over the mailing list over and over and over. I have
> tried all the
> suggested artilces related to SetEnvIf and the -sslv3. I don't think this
> is the problem. I think modssl has a problem. Once again my mail server
> running CommuniGate Pro on https (which is a Linux server) runs just fine
> with IE. Infact, if I turn SSLv3 off in the I.E. browser this
> site will not
> come up. Hence, IE 5.5 works just fine with SSLv3. This leads me to
> believe that modssl has a problem. Does anyone know how to get in contact
> with the creater of modssl? Or would it be easier to switch over to
> ApacheSSL?????
> Jeff Gelina
> ISP Lead
> Colorado Information Technologies
> ----- Original Message -----
> From: "Jeff Gelina" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, July 14, 2000 4:54 PM
> Subject: Fw: msie AGAIN
>
>
> > Thankyou for responding Martin,
> > This is what I have set in my httpsd.conf file, however it does not
> seem
> > to help solve the situation. Any ideas? I really don't want to have to
> > demote everything to SSL2 but I will if I have to?
> >
> > <VirtualHost _default_:443>
> > DocumentRoot /home/httpd/html
> > ServerAdmin root@localhost
> > ErrorLog /var/log/httpd/error_log-ssl
> > TransferLog /var/log/httpd/access_log-ssl
> > SSLEngine on
> > SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> > downgrade-1.0 f
> > orce-response-1.0
> > SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
> > SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
> >
> > Jeff Gelina
> > ----- Original Message -----
> > From: "Martin Lichtin" <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Sent: Friday, July 14, 2000 12:25 PM
> > Subject: Re: msie AGAIN
> >
> >
> > > Jeff,
> > >
> > > I don't really know what symptoms you see with IE... but anyway,
> > > this is my working SSL configuration
> > >
> > > SSLProtocol SSLv2
> > >
> > > and inside <VirtualHost _default_:443>
> > >
> > > SetEnv nokeepalive 1
> > > SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> > >
> >
> > ______________________________________________________________________
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
> >
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
