1. Please post in plain text instead of HTML.
2. Try these settings instead of the SetEnvIf User-Agent *MSIE*... in your
SSL virtual host.
BrowserMatch "MSIE [1-4]" nokeepalive \
ssl-unclean-shutdown downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [5-9]" ssl-unclean-shutdown
-Dave
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
Behalf Of Sean Shanny
Sent: Friday, July 20, 2001 9:10 AM
Our system:
Linux RedHat 7.1 2.4.2-2 kernel
Apache 1.3.19
modssl 2.8.1
openssl 0.96
Our Problem:
Older windows IE users and all MAC IE users are getting errors
trying to talk to the secure portion of our site. We did not have this
problem with the Stronghold server (2.4.2). The basic error message is
that the names on the certificate don't match, they do, and then a variation
of "Security, Encryption, Decryption, SSL Errors:" pops up.
We recognize that the IE browsers have an issue with SSLv3 per the FAQ. We
would like to know the risks we are exposing our site to by using the flag
to not use SSLv3 for ANY of the clients via the
SSLProtocol all -SSLv3
configuration directive?
Any feedback on this problem would be most appreciated.
Thanks
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
