Quoting Chad Juettner (chad at bitstream.net): > > What do I need to do to convince Internet Explorer to accept > > an SSL certificate from a website that has been > > self-generated and not bought from Verisign, Thawte, etc.? > > Mozilla/Netscape will prompt you and ask if you still want to > > connect, but IE just decides to stop and prevents the page > > from loading (well, I most recently saw it on IE on MacOSX, > > but I think it happens on Windows boxes as well). First, IE sucks! :-) Second, there is a known bug in IE dealing with SSL. Third, here is the hack to make IE work. <VirtualHost www.company.com:443> SSLEngine on SSLCertificateFile /etc/httpd/certs/www.comany.com.crt SSLCertificateKeyFile /etc/httpd/certs/www.company.com.key SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP SSLProtocol all -SSLv3 </VirtualHost> -- Minneapolis St. Paul Twin Cities MN | Phone : (952)943-8700 http://www.mn-linux.org Minnesota Linux | Fax : (952)943-8500 Key fingerprint = 6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9