> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Simon Weijgers
>
> I'm getting spurious SSL handshake interrupts with MSIE (alot with msie4
> (i tried 4.72.3110.4 and 4.72.3612.1713) and sometimes with MSIE
> 5.00.2614.3500. But this is old news. What I discovered today is that if I
> disable the sessioncache (SSLSessionCache none) none of the above clients
> can make ssl connections at all to my server (a spurious SSL handhake
> interrupt error in the ssl_engine_log for all the requests).
> Netscape, of course, still works fine.
>
> I run apache 1.3.12/mod_ssl-2.6.2 as shipped with Red Hat 6.2.
>
> I'm going to upgrade to 2.6.5 and see if that improves anything.
I'm betting that it won't, but there are other bug fixes included that
you'll want anyway.
Do you have the lines:
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
in your httpd.conf?
You can read more about it here:
http://www.modssl.org/docs/2.6/ssl_faq.html#ToC48
Upgrading to 2.6.5, but keep in mind that there is a known bug in 2.6.5
which prevents restarts when mod_ssl is compiled statically into Apache. If
you need to compile mod_ssl statically into Apache, I have a patch, email me
for it.
-Dave
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
