httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Baljeet Nijjhar <baljeet.nijj...@googlemail.com>
Subject Re: [users@httpd] Confused about SSL and Internet Explorer vs nokeepalive
Date Thu, 24 Jun 2010 07:26:52 GMT
Hi

I altered my ssl.conf to do the following:

SetEnvIf User-Agent "MSIE[1-5]" nokeepalive ssl-unclean-shutdown
force-response-1.0 downgrade-1.0

SetEnvIf User-Agent "MSIE[6-99]" ssl-unclean-shutdown

to distinguish between older and newer versions of the browser.

regards, Baljeet.

On Wed, Jun 23, 2010 at 9:45 PM, Maxime Bellerose
<mbellerose@acquisio.com>wrote:

> Hello guys,
>
> I am confused about the proper way to handle SSL when dealing with the
> dreaded Internet Explorer.
>
> Documentation and configuration state to set this so Apache does not get
> impacted by the way Internet Explorer handle ssl.
>
>  SetEnvIf User-Agent ".*MSIE.*" \
>          nokeepalive ssl-unclean-shutdown \
>          downgrade-1.0 force-response-1.0
>
> This seems like a pretty drastic measure since it affect IE 5.X, IE
> 6.0 which are not used much by my visitors but also affect IE 7.0, IE 8.0
> and IE 9.0 which are far more common.
> I would believe that the newer browsers ( IE 7.0, IE 8.0 and IE 9.0 ) would
> have this by now.... Is not the case?
>
> Where can I get a list of browser that have these little handling bug (
> This is described in http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#The
> SSL Protocol<http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#The+SSL+Protocol>
 but
> they do not list the browsers... )?
> Isn't there a more elegant way to handle this?
>
> Thanks is advance!!!
> --
> Merci / Thanks
>
> Maxime Bellerose
> Administrateur système et DBA / System administrator and DBA
>

Mime
View raw message