Hello,
I've read previous posts on Server Gated Crypto an have tried the suggestions in them,
however I cannot get it to work with IE 5.01-5.5 on NT4sp5 (56bit and 128bit). It works
fine with Nescape browsers (as everyone finds). I've apache-1.3.14, the lastest modssl,
openssl on Solaris 5.6 with Sun cc. I'm using a verisign SGC cert (i've checked this).
I've tried the following SSLCipherSuite settings
SSLEngine on
SSLProtocol all
#SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCipherSuite HIGH:MEDIUM
#SSLCipherSuite RC4:!EXP56:@STRENGTH
and
<Directory /www/htdocs>
SSLRequire %{SSL_CIPHER_USEKEYSIZE} >=128
</Directory>
when connecting it will prompt for the client cert, which I accept. But no errors are
put
in the logs and the connection is not allowed.
One solution is to force all client to use 128bit browsers but I would like to avoid
this.
Are there any solutions?
Thanks
Matthew
---------------------------------------------
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
