On Mon, Nov 15, 2010 at 6:43 PM, Ricardo Stella <ste...@rider.edu> wrote:
> > Hello, > > We're getting these errors on some of our web servers (different > instances running on different ports) being detected by Firefox 3.6.9+ > > This happens after about a week of normal use. A restart temporarily > fixes the problem, but we have not been able to find a solution from the > server side. > > Tried different iterations of the SSLProtocol and SSLCipherSuite but not > able to get to one that works. I've posted and got no answers back. > Supposedly the problem is Firefox does not like SSL DHE cipher suites, > however there's no documentation on how to 'fix it' from the server side. > > Currently, I have the following (and still doesn't work): > > SSLProtocol all -SSLv2 > SSLCipherSuite ALL:!EXP:!NULL:!ADH:!LOW:!SSLv2:!kEDH:+HIGH:!MEDIUM > > Thank you. > Not sure if this will help with what you are seeing, but I used the info available here to setup the SSLCipherSuite etc settings: http://journal.paul.querna.org/articles/2010/07/10/overclocking-mod_ssl/ In particular this might be of some use http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslhonorcipherorder The settings I use are: SSLProtocol TLSv1 SSLv3 SSLCipherSuite RC4-SHA:AES256-SHA:ALL:!ADH:!MD5:!EXP:!LOW:!NULL SSLHonorCipherOrder on and have not seen any problems with Firefox (or any other browser) so far...
