I have a legacy app that cannot (at present) be upgraded to 128 bit encryption. In order to alleviate this problem I've gotten a reverse proxy running. My present setup is as follows:
Ubuntu 6.0.6 LTS Apache 2.0.55 Libapache2-mod-proxy-html 2.4.3-2 Openssl 0.9.8a My problem is that I can use most any website to have apache reverse proxy for me successfully. Is it possible to step down on the encryption on the "backside" of the apache connection to the legacy server? At present I have the following in my vhost file: SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL This, as I understand it, allows apache on the front end to allow lower level of encryption, however, as stated earlier I need the request FROM apache to the legacy server to be 40 bit. Thanks W Reneau
