[thelist] best OpenSSL workarounds for IE bugs?
Liam Delahunty
liam at megaproducts.co.uk
Fri Jun 25 11:52:56 CDT 2004
on 25/06/2004 17:03 sbeam said the following:
>
> If you don't know what I'm talking about here is the canonical FAQ item:
> http://www.modssl.org/docs/2.8/ssl_faq.html#ToC49
>
Doubt if this is perfect, but here's what I have...
(in the httpd.conf, for me line 283
# global ssl setup
<IfModule mod_ssl.c>
SSLSessionCache dbm:/var/log/httpd/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex file:/var/log/httpd/ssl_mutex
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect builtin
# Location of a secondary signing authority certificate. Uncomment and edit
# the location if necessary if you install a secondary certificate.
#SSLCACertificateFile /etc/httpd/conf/ca-bundle
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</IfModule>
Hope that helps. I'm running a cobalt raq, which is essentially Red Hat
6, if that makes any difference.
--
Kind regards, Liam Delahunty, Mega Products Ltd
More information about the thelist
mailing list