[imp] SSL and IMP?

Mark H. Degner mark@degner.org
Tue, 1 May 2001 23:10:57 -0500

Previous message: [imp] 2.2.x IMP User-level filter ?
Next message: username and password mechanism
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

David,

I think this previous list posting by Mark Nienberg addresses your issue.

HTH,

Mark

-----------------------------
As you may remember from previous posts, my imp via ssl setup 
worked perfectly except for two browser clients (MS IE 5 on win9x 
without SP1, and MS IE 5 for mac).  I previously posted that the 
following line in httpd.conf solved the problem:

SSLProtocol all -SSLv3

and it does, except that it makes all connections use SSLv2 instead 
of the more recent SSLv3.

The following technique also solves the problem without the adverse 
side effect described above.  Add the following lines to httpd.conf, 
putting them OUTSIDE the ssl virtual hosts section:

SSLSessionCache dbm:/etc/httpd/logs/cache_ssl
SSLSessionCacheTimeout 300

This sets up a session cache file.  Change the location depending 
on your directory structure, RedHat 7 is shown above.  You can 
also do this with shared memory instead of hard disk space.  See 
the mod_ssl documentation for directions.

I suspect that veteran apache and ssl  admins all do something like 
this anyway and that is why they don't see the problem.  The default 
SSL setup in RedHat 7 doesn't do it though, so newbies like me fall 
into the trap. 

Mark W. Nienberg, SE
Tipping Mar + associates
Berkeley, CA

----- Original Message ----- 
From: "David Cake" <dave@difference.com.au>
To: <imp@lists.horde.org>
Sent: Tuesday, May 01, 2001 9:46 AM
Subject: Re: [imp] SSL and IMP?


> >Quoting David Cake <dave@difference.com.au>:
> >
> >> Can anyone think of a reason why my ssl configuration appears
> >>  to work fine with other pages, including my test php pages, but not
> >>  with IMP?
> >
> >You're going to have to be a bit more specific than that.
> 
> With IMP, I get errors (I'm using MSIE 5 for Mac, as it 
> happens, but I'm getting similar results with other browsers), 
> specifically 'Security Failure. Data Decryption Error' often enough 
> to make IMP unusable (over 50% of the time), but I don't seem to get 
> this with other pages (such as /horde/test.php or static pages, which 
> work fine).
> Cheers
> David
> 
> -- 
> IMP mailing list: http://horde.org/imp/
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: imp-unsubscribe@lists.horde.org
>

Previous message: [imp] 2.2.x IMP User-level filter ?
Next message: username and password mechanism
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]