mod_ssl and ephemeral keying

Hello, regarding http://httpd.apache.org/docs/2.2/mod/mod_ssl.html there seem to be different ways to enable ephemeral keying by using SSLCipherSuite in the mod_ssl config. If I specify kEDH for the kex algorithm, does it mean that the key exchange is not integrity protected by using RSA/DSA (b/c

Client certificate do not work / renegociate

Hello, In a host where client certificate is optional and in some directories requirement. Server is SNI, and this configuration works fine before SNI. > > SSLVerifyClient optional > > SSLVerifyClient require ... I use SNI client (firefox) with client certificate that works on optional locat