T-Online software 5.0

T-Online software 5.0

am 19.05.2004 17:06:51 von Sven Geisler

Hi,

I upgraded from RedHat 7.3 to RedHat Enterprise Linux 3.0 with
httpd-2.0.46-32.ent.rpm and mod_ssl-2.0.46-32.ent.rpm.
Users with T-Online software 5.0 can't use https since this update.
Http works fine for this users.
I used the standard rpm from RedHat 7.3 before.

The browser sting of the T-Online software:
"Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; DT)"

Did anyone have an idea?

Sven.

My ssl config:

SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex file:logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile conf/ssl.crt/...
SSLCertificateKeyFile conf/ssl.key/...
SetEnvIf User-Agent ".*MSIE.*" ssl-unclean-shutdown
SetEnvIf User-Agent .*MSIE. 5.*" ssl-unclean-shutdown nokeepalive
downgrade-1.0 force-response-1.0


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: T-Online software 5.0

am 19.05.2004 17:25:40 von Joe Orton

On Wed, May 19, 2004 at 05:06:51PM +0200, Sven Geisler wrote:
> Hi,
>
> I upgraded from RedHat 7.3 to RedHat Enterprise Linux 3.0 with
> httpd-2.0.46-32.ent.rpm and mod_ssl-2.0.46-32.ent.rpm.
> Users with T-Online software 5.0 can't use https since this update.
> Http works fine for this users.
> I used the standard rpm from RedHat 7.3 before.

Try adding "LogLevel info" to the SSL vhost config: what errors do you
get in the ssl_error_log when such users connect?

joe
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: T-Online software 5.0

am 19.05.2004 17:48:47 von Sven Geisler

Hi Joe,

I have LogLevel warn in httpd.conf.

The error log hasn't any error for this users.

Thx
Sven.

Am Mi, den 19.05.2004 schrieb Joe Orton um 17:25:
> On Wed, May 19, 2004 at 05:06:51PM +0200, Sven Geisler wrote:
> > Hi,
> >
> > I upgraded from RedHat 7.3 to RedHat Enterprise Linux 3.0 with
> > httpd-2.0.46-32.ent.rpm and mod_ssl-2.0.46-32.ent.rpm.
> > Users with T-Online software 5.0 can't use https since this update.
> > Http works fine for this users.
> > I used the standard rpm from RedHat 7.3 before.
>
> Try adding "LogLevel info" to the SSL vhost config: what errors do you
> get in the ssl_error_log when such users connect?
>
> joe
>

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

AW: T-Online software 5.0

am 24.05.2004 15:03:39 von Michael Pfannkuchen

Hallo Sven,


these client-related problems are strange sometimes : I remember a =
problem,
where MSIE browsers crashed when using Javascript to load pictures over =
a
SSL-connection ...

But to your problem:
I'd start to play with the following setting in your ssl.conf:

> SetEnvIf User-Agent .*MSIE. 5.*" ssl-unclean-shutdown=20
> nokeepalive

Maybe there is only a '"' missed before the RegEx ...


Good luck : michael

> -----Ursprüngliche Nachricht-----
> Von: owner-modssl-users@modssl.org=20
> [mailto:owner-modssl-users@modssl.org] Im Auftrag von Sven Geisler
> Gesendet: Mittwoch, 19. Mai 2004 17:07
> An: modssl-users@modssl.org
> Betreff: T-Online software 5.0
>=20
> Hi,
>=20
> I upgraded from RedHat 7.3 to RedHat Enterprise Linux 3.0=20
> with httpd-2.0.46-32.ent.rpm and mod_ssl-2.0.46-32.ent.rpm.
> Users with T-Online software 5.0 can't use https since this update.
> Http works fine for this users.
> I used the standard rpm from RedHat 7.3 before.
>=20
> The browser sting of the T-Online software:
> "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; DT)"
>=20
> Did anyone have an idea?
>=20
> Sven.
>=20
> My ssl config:
>=20
> SSLPassPhraseDialog builtin
> SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
> SSLSessionCacheTimeout 300
> SSLMutex file:logs/ssl_mutex
> SSLRandomSeed startup builtin
> SSLRandomSeed connect builtin
> SSLCipherSuite =20
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
> SSLCertificateFile conf/ssl.crt/...
> SSLCertificateKeyFile conf/ssl.key/...
> SetEnvIf User-Agent ".*MSIE.*" ssl-unclean-shutdown
> SetEnvIf User-Agent .*MSIE. 5.*" ssl-unclean-shutdown=20
> nokeepalive
> downgrade-1.0 force-response-1.0
>=20
>=20
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>=20
>=20


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: AW: T-Online software 5.0

am 24.05.2004 16:16:01 von Sven Geisler

Hi Michael,

Sometimes the solution is simple.
You're properly right. I fixed the .conf.

Thx
Sven.


Am Mo, den 24.05.2004 schrieb Michael Pfannkuchen um 15:03:
> Hallo Sven,
>=20
>=20
> these client-related problems are strange sometimes : I remember a pro=
blem,
> where MSIE browsers crashed when using Javascript to load pictures over=
a
> SSL-connection ...
>=20
> But to your problem:
> I'd start to play with the following setting in your ssl.conf:
>=20
> > SetEnvIf User-Agent .*MSIE. 5.*" ssl-unclean-shutdown=20
> > nokeepalive
>=20
> Maybe there is only a '"' missed before the RegEx ...
>=20
>=20
> Good luck : michael
>=20
> > -----Ursprüngliche Nachricht-----
> > Von: owner-modssl-users@modssl.org=20
> > [mailto:owner-modssl-users@modssl.org] Im Auftrag von Sven Geisler
> > Gesendet: Mittwoch, 19. Mai 2004 17:07
> > An: modssl-users@modssl.org
> > Betreff: T-Online software 5.0
> >=20
> > Hi,
> >=20
> > I upgraded from RedHat 7.3 to RedHat Enterprise Linux 3.0=20
> > with httpd-2.0.46-32.ent.rpm and mod_ssl-2.0.46-32.ent.rpm.
> > Users with T-Online software 5.0 can't use https since this update.
> > Http works fine for this users.
> > I used the standard rpm from RedHat 7.3 before.
> >=20
> > The browser sting of the T-Online software:
> > "Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; DT)"
> >=20
> > Did anyone have an idea?
> >=20
> > Sven.
> >=20
> > My ssl config:
> >=20
> > SSLPassPhraseDialog builtin
> > SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
> > SSLSessionCacheTimeout 300
> > SSLMutex file:logs/ssl_mutex
> > SSLRandomSeed startup builtin
> > SSLRandomSeed connect builtin
> > SSLCipherSuite =20
> > ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
> > SSLCertificateFile conf/ssl.crt/...
> > SSLCertificateKeyFile conf/ssl.key/...
> > SetEnvIf User-Agent ".*MSIE.*" ssl-unclean-shutdown
> > SetEnvIf User-Agent .*MSIE. 5.*" ssl-unclean-shutdown=20
> > nokeepalive
> > downgrade-1.0 force-response-1.0
> >=20
> >=20
> > ____________________________________________________________ _________=
_
> > Apache Interface to OpenSSL (mod_ssl) www.modssl.or=
g
> > User Support Mailing List modssl-users@modssl.or=
g
> > Automated List Manager majordomo@modssl.or=
g
> >=20
> >=20
>=20
>=20
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
>=20

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org