Hi Tim -
> Moving a site from an old Stronghold DEC UNIX Alpha server to a
> Solaris 2.6 server running....
>
> Apache/1.3.6 (Unix) ApacheJServ/1.0 PHP/3.0.9 mod_perl/1.19
> mod_ssl/2.3.1 OpenSSL/0.9.3a.
>
> The site in question uses SSL and everything works just fine for
> recent MS and NS browsers. The problem is with MS and NS 3.X
> browsers which give errors like this...
>
> (Netscape 3.01)
> The security library has experienced a databas error
> You will probably be unable to connect to this site securely.
>
> If I turn off "SSL v3" on NS, and only use v2, things work.
I ran into the same situation on the same platforms. You don't happen to
have a Thawte server certificate, do you? I believe the errors had
something to do with the 3.x browsers having expired built-in Thawte
certs, and with the server trying to verify client certs even when client
certs were not being used for auuthentication.
I removed the following lines from my configuration:
SSLCACertificatePath /usr/local/apache/conf/ssl.crt
SSLCACertificateFile /usr/local/apache/conf/ssl.crt/ca-bundle.crt
and it seems to work fine now, although if anyone could explain in more
detail what the problem is and why this works I'd love to hear it.
Larry Leszczynski
[EMAIL PROTECTED]
--
furph, Inc. WWW/Unix/Windows Solutions 734-513-7763 (voice)
[EMAIL PROTECTED] http://www.furph.com 734-513-7759 (FAX)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
