[imp] SSL and IMP?
Mark H. Degner
mark@degner.org
Tue, 1 May 2001 23:10:57 -0500
David,
I think this previous list posting by Mark Nienberg addresses your issue.
HTH,
Mark
-----------------------------
As you may remember from previous posts, my imp via ssl setup
worked perfectly except for two browser clients (MS IE 5 on win9x
without SP1, and MS IE 5 for mac). I previously posted that the
following line in httpd.conf solved the problem:
SSLProtocol all -SSLv3
and it does, except that it makes all connections use SSLv2 instead
of the more recent SSLv3.
The following technique also solves the problem without the adverse
side effect described above. Add the following lines to httpd.conf,
putting them OUTSIDE the ssl virtual hosts section:
SSLSessionCache dbm:/etc/httpd/logs/cache_ssl
SSLSessionCacheTimeout 300
This sets up a session cache file. Change the location depending
on your directory structure, RedHat 7 is shown above. You can
also do this with shared memory instead of hard disk space. See
the mod_ssl documentation for directions.
I suspect that veteran apache and ssl admins all do something like
this anyway and that is why they don't see the problem. The default
SSL setup in RedHat 7 doesn't do it though, so newbies like me fall
into the trap.
Mark W. Nienberg, SE
Tipping Mar + associates
Berkeley, CA
----- Original Message -----
From: "David Cake" <dave@difference.com.au>
To: <imp@lists.horde.org>
Sent: Tuesday, May 01, 2001 9:46 AM
Subject: Re: [imp] SSL and IMP?
> >Quoting David Cake <dave@difference.com.au>:
> >
> >> Can anyone think of a reason why my ssl configuration appears
> >> to work fine with other pages, including my test php pages, but not
> >> with IMP?
> >
> >You're going to have to be a bit more specific than that.
>
> With IMP, I get errors (I'm using MSIE 5 for Mac, as it
> happens, but I'm getting similar results with other browsers),
> specifically 'Security Failure. Data Decryption Error' often enough
> to make IMP unusable (over 50% of the time), but I don't seem to get
> this with other pages (such as /horde/test.php or static pages, which
> work fine).
> Cheers
> David
>
> --
> IMP mailing list: http://horde.org/imp/
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: imp-unsubscribe@lists.horde.org
>