François Beaune wrote:
Hey Justin,Thanks for your answer. I did add the various versions of the SSLCipherSuite directive to my virtual host container, sorry if that wasn't clear.In the meantime I found that, by inspecting the handshake between TortoiseSVN and Apache, the connection does use RC4, which is good. Still, I don't understand why this doesn't happen with Firefox (it always uses AES 256, which shouldn't be allowed, if I understand things correctly). Any clue?
Did you try running the shell script to verify that the server is correctly applying the SSLCipherSuite directive and only offering the ciphers you have allowed?
http://www.lazorsoftware.com/lazorsoft/files/openssl_check.sh -- Justin Pasher --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|