On Sat, Nov 24, 2007 at 11:56:49PM -0500, Bob Johnson wrote:
> >>> SSL 2.0 [length 007a], CLIENT-HELLO

> 01 03 01 00 51 00 00 00 20 00 00 39 00 00 38 00
> 00 35 00 00 16 00 00 13 00 00 0a 07 00 c0 00 00
> 33 00 00 32 00 00 2f 00 00 07 05 00 80 03 00 80
> 00 00 05 00 00 04 01 00 80 00 00 15 00 00 12 00
> 00 09 06 00 40 00 00 14 00 00 11 00 00 08 00 00
> 06 04 00 80 00 00 03 02 00 80 37 bf 69 76 53 ce
> 0a d5 8c d5 78 8e 94 73 05 84 d7 13 d6 2a fe 77
> b8 8b be b0 dc e2 72 5f 4f d3
> SSL_connect:SSLv2/v3 write client hello A
> read from 0x80bb680 [0x80c1260] (7 bytes => 4 (0x4))
> 0000 - 68 69 55 53 hiUS
> read from 0x80bb680 [0x80c1264] (3 bytes => 0 (0x0))
> 15772:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
> failure:s23_lib.c:188:
>

What version of openssl are you using?
Try adding the following line to that failing vhost:

SSLCipherSuite ALL:!SSLv2

(You probably want to tune it more later if you care about the security,
but the important thing here is to get rid of SSLv2)
To see which ciphers this opens up, run openssl ciphers -v 'ALL:!SSLv2'

vh

Mads Toftum
--
http://soulfood.dk
__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org