Jean-Marc Desperrier wrote: > Rob Crittenden wrote: > >> This is to announce a new module for Apache 2.0.x named mod_nss. >> mod_nss provides SSL support using the NSS crypto libraries. > > It sounds really cool. > >> It is a derivation of mod_ssl from Apache 2.0.54. [...]. The two modules >> are more or less functionally equivalent. > > Hum, hum. A little while back I found that it's quite annoying that in > everycase where an apache/mod_ssl server is configured to refuse a > connexion (for example as the consequence of a SSLRequire directive), it > will drop it down at the SSL level and there's no way to redirect to an > error page instead. > IIS can do that, and it's not so nice to have to tell people there's no > way to do it with apache/mod_ssl and give the rejected clients anything > but a blank page with no explanation about what went wrong. > > So that's a point where I would enjoy it if mod_nss were not > functionnally equivalent :-)
Yes, other NSS-based servers now do what you want, returning an error page rather than terminating the handshake and the connection. Rob, maybe this is an enhancement to mod_nss worth considering. But either way, thanks for doing this! -- Nelson B _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
