[gtaSAGE-members] Apache/mod_ssl and IE problems.
Adrian Chung
adrian@enfusion-group.com
Thu, 9 Jan 2003 21:51:31 -0500
On Thu, Jan 09, 2003 at 09:43:25PM -0500, Julian C. Dunn wrote:
> On Thu, 2003-01-09 at 21:29, Adrian Chung wrote:
> > Has anyone ever experienced problems with IE and Apache/mod_ssl?
>
> <snip>
>
> > --------add this to httpd.conf.ssl -------------
> > SSLProtocol all -SSLv3
> > ----------------------------------------------
> >
> > and the following to horde.conf (in Directory section)
> >
> > SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> > downgrade-1.0 force-response-1.0
> >
> > I'm going to try it out now, but thought I'd ask if anyone's been down
> > this road before.
>
> Yes, I've been down this road before. Those hacks will work... sort of.
> However, the SSL implementation in certain versions of IE is
> fundamentally broken. No amount of hackery can fix the fact that you
> will probably continue to have problems.
>
> If you search the mod_ssl-users mailing list you will probably find many
> folks saying the same thing.
Hmm, somehow that doesn't surprise me. Oh well, in any case, I've
only added the SetEnvIf directive at the moment, and it *seems* to
have fixed my immediate problem, although it's so sporadic and random
that I'll have to wait a few days to know better. :)
Hopefully at least in the most recent and patched versions of IE the
brokenness isn't quite as bad...
--
Adrian Chung (adrian at enfusion-group dot com)
http://www.enfusion-group.com/~adrian/
GPG Fingerprint: C620 C8EA 86BA 79CC 384C E7BE A10C 353B 919D 1A17
[gambit.enfusion-group.com] 9:47pm up 5 days, 18:14, 11 users