Problems with SSL on IE
khansen at charityweb.net
Thu Mar 26 21:34:25 MSK 2009
Igor Sysoev wrote:
> On Thu, Mar 26, 2009 at 01:15:01PM -0400, Kurt Hansen wrote:
>> Igor Sysoev wrote:
>>> On Thu, Mar 26, 2009 at 09:42:46AM -0400, Kurt Hansen wrote:
>>>> Now, I'm not sure where the problem is, the version of nginx, OpenSSL,
>>>> how nginx was compiled for this rpm, or the digital cert. I think the
>>>> digital cert is OK since it is working on all other browsers.
>>>> Are others having a problem with IE? Successes?
>>>> If you want to look at the cert with the problem, here it is:
>>> In my test MSIE 6.0 does not like certificate on the site.
>> Thanks for checking!
>> Yes, MSIE doesn't like the certifying authority. Maybe I have the CA
>> cert and the donate.mercycorps.org cert in the wrong order. I think they
>> root cause might by the SSLv3 not working, though.
>> If it were just the cert, I'd get a warning but it would let me connect.
>> With this problem, it won't let me connect if SSLv2 is disabled on the
>> client or the server.
> In SSLv2 mode the site sends the *.mercycorps.org cert only, so this is
> the problem why MSIE does not like the cert.
> As to SSLv3, could you show
> directives ?
That explains the bad cert -- thanks!
Here are the directives. For the ssl_ciphers, I copied what I was using
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nginx