httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sander Holthaus - Orange XL" <i...@orangexl.com>
Subject [users@httpd] MSIE connection to Apache over SSL doesn't downgrade to HTTP/1.0
Date Tue, 08 Apr 2003 14:01:44 GMT
When using MSIE over SSL to connect with Apache, the connections are not
downgraded to HTTP/1.0, as they should. But I have no idea why, the SetEnvIf
User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0
force-response-1.0 -line is present and no configerrors are reported.
Can anyone shed some some light on this?

The Virtual host is set up like this:

<VirtualHost *:443>
    DocumentRoot /usr/local/www/sqwebmail/
    ErrorLog "/usr/local/www/default/logs/webmail_error_log"
    CustomLog "|/usr/local/sbin/rotatelogs
/usr/local/www/default/logs/webmail_access_%Y%m%d.log 86400" combined
env=!nolog
    CustomLog /usr/local/www/default/logs/ssl_request.log "%t %h
%{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    ServerName webmail.*.nl
    ServerAdmin webmaster@*.nl
    ScriptAlias /cgi-bin/sqwebmail
"/usr/local/www/sqwebmail/cgi-bin/sqwebmail"
    Alias /sqwebmail "/usr/local/www/sqwebmail/data/sqwebmail"
    DirectoryIndex cgi-bin/sqwebmail/sqwebmail
    SSLEngine On
    SSLProtocol all -SSLv2
    SSLCipherSuite HIGH:MEDIUM
    SSLCertificateFile
/usr/local/etc/apache2/ssl-cert/webmail.orangexl.nl.crt
    SSLCertificateKeyFile
/usr/local/etc/apache2/ssl-cert/webmail.orangexl.nl.key
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
    <Files ~ "\.(cgi)$">
       SSLOptions +StdEnvVars
    </Files>
</VirtualHost>


I also have some configuration directives in the SSL.conf:

SSLPassPhraseDialog  builtin

#SSLSessionCache        none
#SSLSessionCache        shmht:/var/log/httpd-ssl_scache(512000)
#SSLSessionCache        shmcb:/var/log/httpd-ssl_scache(512000)
SSLSessionCache         dbm:/var/log/httpd-ssl_scache
SSLSessionCacheTimeout  300

SSLMutex  file:/var/log/httpd-ssl_mutex

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#SSLRandomSeed startup file:/dev/random  512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random  512
#SSLRandomSeed connect file:/dev/urandom 512


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message