• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
[OT] Re: Secure WOHyperlink puts :443 in URL
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[OT] Re: Secure WOHyperlink puts :443 in URL

  • Subject: [OT] Re: Secure WOHyperlink puts :443 in URL
  • From: Marek Wawrzyczny <email@hidden>
  • Date: Fri, 11 Jun 2004 11:08:20 +1000
Posted for archiving purposes.

The problem with SSL in IE on Mac OS X turns out to be a bug in the IE. IE (OS X) does not handle SSL v3 well (or at all). We had SSL v2 and v3 support switched on our Apache server. There is a switching mechanism implemented in browsers that allows the browser to select the security transport mechanism, unfortunately IE n OS X will choose SSL v3 even though it does not support it properly.

Due to how the SSL authentication works, there is no workaround to this problem. However, SSL v3 has already been surpassed by TLS and most modern browsers support it.

So, now we know more about browsers then we ever wanted to. :)


On 10/06/2004, at 15:38, Deirdre Saoirse Moen wrote:

On Jun 9, 2004, at 10:00 PM, Marek Wawrzyczny wrote:

We are using 443 - standard SSL port... but we are running multiple IPs...
Still as far as WO works it shouldn't matter, should it.

You can only run one domain on a 443 port due to the quirks of the way things are signed. You want to have ONE cert answering the call, as it were.

Actually, we just got an error report from our users that the site breaks under https on IE 5 on OS X and Opera (on OS X only?). On IE we get an error whenever trying to view secure content:

"Security failure. Data encryption error."

So this appears to be an Apache problem. 

Perhaps not -- there's only one cert per IP address.

From:
http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/s1- apache-virtualhosts.html

"Do not use name-based virtual hosts in conjunction with a secure Web server as the SSL handshake occurs before the HTTP request identifies the appropriate name-based virtual host. Name-based virtual hosts only work with the non-secure Web server."
--
_Deirdre http://deirdre.net
"Cannot run out of time. There is infinite time. You are finite. Zathras is finite. This....is wrong tool." -- Zathras
_______________________________________________
webobjects-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/webobjects-dev
Do not post admin requests to the list. They will be ignored.



Marek Wawrzyczny

software engineer
-------------------------->
ish group pty ltd
http://www.ish.com.au
7 Darghan St Glebe 2037 Australia
phone +61 2 9660 1400   fax +61 2 9660 7400
_______________________________________________
webobjects-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/webobjects-dev
Do not post admin requests to the list. They will be ignored.

References: 
 >Secure WOHyperlink puts :443 in URL (From: Marek Wawrzyczny <email@hidden>)
 >Re: Secure WOHyperlink puts :443 in URL (From: Deirdre Saoirse Moen <email@hidden>)
 >Re: Secure WOHyperlink puts :443 in URL (From: Marek Wawrzyczny <email@hidden>)
 >Re: Secure WOHyperlink puts :443 in URL (From: Deirdre Saoirse Moen <email@hidden>)

  • Prev by Date: Re: WO vs JSP
  • Next by Date: Re: WO vs JSP
  • Previous by thread: Re: Secure WOHyperlink puts :443 in URL
  • Next by thread: Re: Secure WOHyperlink puts :443 in URL
  • Index(es):
    • Date
    • Thread