[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-ssl
Subject: Re: [apache-ssl] Explorer Cipher Strenght = 56
From: "Rob Winningham" <Rob_Winningham () rayberndtson ! com>
Date: 2000-12-15 15:32:08
[Download RAW message or body]
> HI!
> I have ssl certificate from Telia on my page . When I want to connect
> to this page from Internet Explorer ( 56 bits key ) , it can't connect .
> When I upgrade IE to 128 bits everything is ok . Is it possibly to force
> apache ( mod_ssl ) to connect with browser ( which only support 56 bits
> ) , and connect 128 with other one .
>
> Regards
>
> Maciej Bogucki, Network Administrator
I had a similar problem on a Digital Alpha (Tru64 4.0f). It had to do with the
random device I was using. Until apache_ssl 1.41, the entropy gathering device
was not supported, and since Tru64 doesn't have a random device, I had to write
my own. I tried using egd, but I had results identical to yours.
In order to do so, you must have an SSLRandomFile or SSLRandomFilePerConnection
directive in your .conf. Here's the urls to the docs.
http://www.apache-ssl.org/docs.html#SSLRandomFile
http://www.apache-ssl.org/docs.html#SSLRandomFilePerConnection
Here's an example:
SSLRandomFile /dev/random 1024
SSLRandomFilePerConnection /dev/random 1024
If I'm not mistaken, since OpenSSL 0.9.5a, these directives are mandatory. If
you don't have a random (or urandom) device on your server, you can use egd.
If you do use egd, be sure to use apache_ssl 1.41. Also, the syntax is a
little different for egd than for random:
SSLRandomFile egd /etc/entropy 1024
SSLRandomFilePerConnection egd /etc/entropy 1024
==Rob==
-----------------------------------------------------------------------------------
to unsubscribe, send a blank email to: apache-ssl-unsubscribe@lists.aldigital.co.uk
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic