On Wed, 13 Sep 2006, Peter J. Holzer wrote:
> Not 100% sure, but circumstantial evidence says otherwise:
>
> * I don't seem to have such problems with an Apache server which also
> has a certificate signed by an untrusted authority.
>
> * In at least one case where I used Ethereal to check what goes over the
> wire it was Roxen which terminated the connection (and the client
> reconnected immediately, only giving up after several failures which
> wouldn't be sane behaviour in case of a cert problem - the cert won't
> change from one second to the next)
>
> * At least in a consumer device like the communicator I'd expect an error
> message like "this site is evil because it doesn't pay verisign", not
> something nondescript like "cannot connect to server".
What Webserver version? I just read that 4.5.87 has SSL(3) rewritten,
maybe something is fixed there?
/Rolf
|