Fought, Richard schrieb:
I'm trying to configure my Apache 2.0.59 server w/ mod_ssl to use TLS
1.0 only. I have set the SSLCipherSuite accordingly, however when I
connect with IE6 with SSLv3 enabled and TLSv1 disabled, I still get
through because of the TLS ability to back down to SSL 3.0.
Hi Richard,
if no config rules work maybe the fastest way to achive your goal are
redirects depending on the current client protocol spoken. For
example, redirecting every browser not communicating via TLS to an
extra error page:
SSLOptions +StdEnvVars
RewriteEngine on
RewriteCond
Hello,
I'm trying to configure my Apache 2.0.59 server w/ mod_ssl to use TLS
1.0 only. I have set the SSLCipherSuite accordingly, however when I
connect with IE6 with SSLv3 enabled and TLSv1 disabled, I still get
through because of the TLS ability to back down to SSL 3.0. Is there a
way to