Bug 49204 - mod_ssl problem
mod_ssl problem
Status: CLOSED CURRENTRELEASE
Product: Red Hat Raw Hide
Classification: Retired
Component: apache (Show other bugs)
1.0
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Joe Orton
David Lawrence
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-07-16 16:33 EDT by Need Real Name
Modified: 2007-04-18 12:34 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-09-21 06:59:08 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Need Real Name 2001-07-16 16:33:50 EDT
The server with apache-1.3.20-5 (it has mod_ssl-2.8.4-5)
can not be accessed via https from MSIE 5.0, 128 bit.
Netscape and MSIE seems OK.
Comment 1 Need Real Name 2001-07-16 16:38:09 EDT
I tried few other sites.

https://www.ebetusa.com  Apache/1.3.20 (Unix) mod_ssl/2.8.4 OpenSSL/0.9.6b
https://www.ebetonline.co.nz Apache/1.3.20 (Unix) mod_ssl/2.8.4 OpenSSL/0.9.6b
and https://www.redhat.com/
and all they seems accessable from MSIE 5.0, 128 bit.

In the same time MSIE 5.0 Does not work with my site
which uses the same software 
(I tried both OpenSSL/0.9.5a and OpenSSL/0.9.6b, no difference).

I also tried it with self-generated and real (from Verisign)
certificates - same thing in both cases.

The only workaround I found
is to add 
SSLProtocol all -SSLv3
then I can access the site.

It may be some weird problem with apache default configs.
What settings may cause this?
Comment 2 Need Real Name 2001-07-16 16:46:51 EDT
I also would like to say that the problem is different than in FAQ.

http://www.modssl.org/docs/2.8/ssl_faq.html#io-ie

The MSIE is 128bit, not 56.

The other settings are already in config.
Comment 3 Need Real Name 2001-07-16 16:48:07 EDT
Above I meant MSIE 5.5 is OK , MSIE 5.0 does not work
Comment 4 Need Real Name 2001-07-16 22:30:48 EDT
In addition:
If I recompile apache and mod_ssl from scratch, no patches applied,
default settings: then IT WORKS.

If I use RedHat rpm (from rawhide) it
1. executes first https request OK, 
2. all following requests (2,3,4,...) do not work.

Again, this happenes only with MSIE 5.0.
Netscape and MSIE 5.5 are OK
Comment 5 Need Real Name 2001-07-17 12:08:43 EDT
The problem (at least partially) related to the fact that httpd.conf
which comes with rpm is missing
<IfModule mod_ssl.c>
.....
</IfModule>
section which presents in original mod_ssl distribution.
Putting this section to /etc/httpd/conf/httpd.conf makes
MSIE 5.0 working.
This is probably related to
SSLSessionCache         dbm:/var/run/apache_mod_ssl_scache
option. The MSIE 5.0 seems does not work without SSL session cache.

A very similar problem still exists with some specific MSIE 5.0 versions,
but now I at least have much fewer errors than before.
Comment 6 Nalin Dahyabhai 2001-07-24 16:29:22 EDT
The default configuration file does contain this section, but just to be sure
we'll switch to including the patch from the mod_ssl source distribution in
1.3.20-9 and later.  Thanks!
Comment 7 Joe Orton 2004-09-21 06:59:08 EDT
Thanks for the report.  This bug is no longer present in the Apache
httpd 2.0 packages in Red Hat Enterprise Linux and Fedora Core.

Note You need to log in before you can comment on or make changes to this bug.