mån 2006-07-17 klockan 16:06 -0400 skrev Brad Taylor:
> https_port 443 cert=/etc/squid/sbcert.pem
> key=/etc/squid/sbprivatekey.pem version=2
>
> When I change to 3:
> https_port 443 cert=/etc/squid/sbcert.pem
> key=/etc/squid/sbprivatekey.pem version=3
>
> I get a "page can not be displayed" in IE.
Probably IE sends a SSLv2 session setup with upgrade to SSLv3/TLS. If
you set the protocol to 3 then only SSLv3 session setups is accepted and
clients sending SSLv2 session setups will get rejected even if they
indicate they accept upgrade to SSLv3 or TLS.
Try disabling SSLv2 via the options= instead.. This keeps the
"automatic" session setup mode, and only restricts the end result..
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Tue Aug 01 2006 - 12:00:01 MDT