Hi everybody,
i just received my Certificate from Thawte, Inc., configured Apache to use this
Certificate and restarted. When connection via IE 5.01 (56 bit) or NS 4.7 (128
bit) the connection refused and i get the following entry in my SSL-Engine
Logfile:
[18/Jul/2000 18:41:24 05805] [error] OpenSSL: error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher [Hint: Too restrictive
SSLCipherSuite or using DSA server certificate?]
Apache is 1.3.12 with latest mod_ssl, OpenSSL and EAPI unter SuSE-Linux 6.2 with
Kernel 2.2.14. OpenSSL is configured with no-idea and no RSAref (cause i'm
located in Austria). I send Thawte a DSA-encrypted CSR with Type-3 encryption
(the default values when doing a make certificate TYPO=custom within the Apache
Source-Tree) and received a DSA with Signature Algorithm: dsaWithSHA1.
The SSLCipherSuite is configured as default:
SSLCipherSuite ALL:!EXP56:RC4+RSA+ADH:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
Could anybody give me some hints/help. I hope i did nothing wrong, otherwise
this would be damn wasted 125 USD :(
Thanks in advanced,
Andreas
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]