httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joseph A Nagy Jr <>
Subject Re: [users@httpd] https not working for MSIE.
Date Wed, 14 May 2003 15:10:04 GMT
kulkarni veena wrote:
> Hello,
> MY SSL.conf config is as follows:
> Listen 443
> Listen
> SSLSessionCache        
> dbm:/var/apache/logs/ssl_scache
> SSLSessionCacheTimeout  300
> SSLMutex  file:/var/apache/logs/ssl_mutex
> <VirtualHost>
> SSLCipherSuite
> SetEnvIf User-Agent ".*MSIE.*" \
>          nokeepalive ssl-unclean-shutdown \
>          downgrade-1.0 force-response-1.0
> Also, my Document root for http and ssl is different.
> and my certificates are in PEM code.
> It is mostly the same as default except for few
> changes.
> --veena
> --- Zac Stevens <> wrote:
>>Hi Veena,
>>On Tue, May 13, 2003 at 09:44:55PM -0700, kulkarni
>>veena wrote:
>>>Thanks. i did try all of the options given in the
>>>except for trying out different openssl version
>>>using 0.9.7a).
>>>Nothing so has worked, i will try changing openssl
>>That being the case, what are the browser-specific
>>SSL options you
>>currently have in your configuration for MSIE
>>You should definitely be using OpenSSL 0.9.7a - it's
>>the latest recommended
>>>The weird thing is https works with all Netscape
>>>versions but with NONE MSIE (5.x & 6.X).
>>As per the FAQ entry I pointed at, it's not weird at
>>all.  MSIE has a lot
>>of quirks in its SSL implmentation - some related to
>>its support for
>>particular ciphers, others to nonstandard behaviour
>>it expects to find when
>>talking to the server.
>>I would go so far as to claim that it is not
>>possible for a "vanilla" SSL 
>>configuration (ie, one without user-agent specific
>>options) to work with 
>>a "vanilla" IE installation - so the exact
>>configuration you are running is
>>quite important.

Why do I get the feeling that kulkarni is still looking for a server 
side solution to a client side problem?

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message