Many SSL clients, notably JDK 6, use the SSLv2Hello protocol to handshake with the server. Using this protocol does *not* mean you are using SSL 2.0 or 3.0 for that matter; it is merely a handshake to determine *which* protocol to use. [http://tools.ietf.org/html/rfc5246#appendix-E.2] However, in Apache, if you disable SSLv3 support, this apparently removes support for the SSLv2Hello protocol. Apache Tomcat has explicit support for SSLv2Hello; that is, you can enable that, but not enable SSLv3. Is there any way to do this in Apache? --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|