Thursday, June 16, 2016

[TechNote] Can we redirect users to an error page if their OS or browser does not support SHA256?


http://publib.boulder.ibm.com/httpserv/ihsdiag/ssl_questions.html#sslcattribrules


How can I display a custom document when a client connects with a weak cipher?
This is an alternative to shutting out very old clients that might not be able to negotiate a strong cipher.

Configure your server to prefer stronger ciphers as described in the SSL Performance section of the IHS Performance tuning guide.
Append any weak ciphers you wish to support (list of ciphers) using SSLCipherSpec.
Determine the SSL criteria you want to enforce (e.g. keysize, protocol version) and the set of URLs for which it applies.
Examples:
Return an error page if the cipher keysize is too small and the URL begins with /secret3/
RewriteEngine On
RewriteCond %{ENV:HTTPS_KEYSIZE} !^(128|168|256)$
RewriteCond %{REQUEST_URI} !^/error/
RewriteRule ^/secret3/ /128_or_higher.html

Combine the previous rule with "How can I display a custom document when a client connects over SSLv2", applying it to all URLs
RewriteEngine On
RewriteCond %{ENV:HTTPS_KEYSIZE} !^(128|168|256)$ [OR]
RewriteCond %{ENV:SSL_PROTOCOL_VERSION} ^SSLV2$
RewriteCond %{REQUEST_URI} !^/error/
RewriteRule .*  /low_grade_encryption.html
(See this question for why we exclude error documents from the rule.)

How can I display a custom document when a client connects over SSLv2?
Instead of using mod_ibm_ssl SSLCipherSpec directives to allow only SSLv3 and TLSv1 ciphers, use mod_rewrite to recognize when SSLv2 is used, and redirect the request to a document explaining the restriction.

Example:
RewriteEngine On
RewriteCond %{ENV:SSL_PROTOCOL_VERSION} ^SSLV2$
RewriteCond %{REQUEST_URI} !^/error/
RewriteRule .* /low_grade_encryption.html
How can I apply other rules based on attributes of SSL ciphers?
RewriteEngine On
RewriteCond %{ENV:HTTPS_CIPHER} !AES
RewriteCond %{REQUEST_URI} !^/error/
RewriteRule ^/secret1/  /AES_only.html
RewriteCond %{ENV:HTTPS_CIPHER} MD5
RewriteCond %{REQUEST_URI} !^/error/
RewriteRule ^/secret2/  /no_md5.html

====== SHA256 Example

RewriteEngine On
RewriteCond %{ENV:HTTPS_CIPHER} !(SHA256|SHA384)
RewriteCond %{REQUEST_URI} !^/error/
RewriteRule .*  /no_SHA256_info.html
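As an added example (not part of the TechNote or of IBM HTTP Server's own code), the following Python evaluates the rule sets quoted above (the keysize/SSLv2 combination, the AES/MD5 attribute rules and the SHA256 rule) against per-connection environment values, using mod_rewrite's AND-by-default and [OR] chaining semantics for RewriteCond. It lets an administrator sanity-check which connections a rule set would redirect before touching httpd.conf. The cipher names, key sizes and protocol strings in the sample connections are constructed for illustration; confirm the exact values your IHS build exposes in HTTPS_CIPHER, HTTPS_KEYSIZE and SSL_PROTOCOL_VERSION (for example by logging them) before relying on the regexes. Returning the first matching rule's target is a simplification of real mod_rewrite processing, which keeps going unless a rule carries [L].

```python
import re
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Cond:
    """One RewriteCond: %{ENV:var} or %{REQUEST_URI} tested against a regex."""
    var: str
    pattern: str           # regex as written, without the leading "!"
    negate: bool = False   # the "!" prefix
    or_next: bool = False  # the [OR] flag: OR this condition with the next one


@dataclass(frozen=True)
class Rule:
    conds: Tuple[Cond, ...]
    uri_pattern: str       # the RewriteRule pattern
    target: str            # the RewriteRule substitution


def cond_holds(c: Cond, env: dict) -> bool:
    matched = re.search(c.pattern, env.get(c.var, "")) is not None
    return not matched if c.negate else matched


def conds_hold(conds, env: dict) -> bool:
    """Evaluate a RewriteCond chain: conditions are ANDed unless flagged [OR]."""
    i, n = 0, len(conds)
    while i < n:
        c = conds[i]
        if cond_holds(c, env):
            if c.or_next:
                # This OR chain is satisfied: skip its remaining members
                # (every following cond up to and including the first one
                # without [OR]).
                i += 1
                while i < n and conds[i].or_next:
                    i += 1
        elif not c.or_next:
            return False       # a plain (ANDed) condition failed
        i += 1                 # a failed [OR] member just moves to the next
    return True


def rewrite(env: dict, rules) -> Optional[str]:
    """Return the target of the first rule whose pattern and conditions hold."""
    uri = env.get("REQUEST_URI", "")
    for r in rules:
        if re.search(r.uri_pattern, uri) and conds_hold(r.conds, env):
            return r.target
    return None


NOT_ERROR_DOC = Cond("REQUEST_URI", r"^/error/", negate=True)

# Rule sets transcribed from the TechNote above.
COMBINED_RULES = (
    Rule((Cond("HTTPS_KEYSIZE", r"^(128|168|256)$", negate=True, or_next=True),
          Cond("SSL_PROTOCOL_VERSION", r"^SSLV2$"),
          NOT_ERROR_DOC),
         r".*", "/low_grade_encryption.html"),
)
ATTRIBUTE_RULES = (
    Rule((Cond("HTTPS_CIPHER", r"AES", negate=True), NOT_ERROR_DOC),
         r"^/secret1/", "/AES_only.html"),
    Rule((Cond("HTTPS_CIPHER", r"MD5"), NOT_ERROR_DOC),
         r"^/secret2/", "/no_md5.html"),
)
SHA256_RULES = (
    Rule((Cond("HTTPS_CIPHER", r"(SHA256|SHA384)", negate=True), NOT_ERROR_DOC),
         r".*", "/no_SHA256_info.html"),
)

# Constructed sample connections (values are illustrative, not captured from IHS).
MODERN = {"HTTPS_CIPHER": "TLS_RSA_WITH_AES_128_CBC_SHA256", "HTTPS_KEYSIZE": "128",
          "SSL_PROTOCOL_VERSION": "TLSV12", "REQUEST_URI": "/secret1/page"}
LEGACY = {"HTTPS_CIPHER": "SSL_RSA_WITH_RC4_128_MD5", "HTTPS_KEYSIZE": "128",
          "SSL_PROTOCOL_VERSION": "SSLV3", "REQUEST_URI": "/secret2/page"}
SSLV2_EXPORT = {"HTTPS_CIPHER": "SSL_RSA_EXPORT_WITH_RC4_40_MD5", "HTTPS_KEYSIZE": "40",
                "SSL_PROTOCOL_VERSION": "SSLV2", "REQUEST_URI": "/index.html"}

if __name__ == "__main__":
    for name, env in (("modern", MODERN), ("legacy", LEGACY), ("sslv2", SSLV2_EXPORT)):
        print(name, rewrite(env, COMBINED_RULES), rewrite(env, ATTRIBUTE_RULES),
              rewrite(env, SHA256_RULES))
```

Two properties of the technique are worth keeping in mind when reading the output. The SHA256 rule tests the negotiated cipher suite, not the client's ability to validate a SHA-256-signed certificate: a TLS 1.2 client that happens to negotiate an AES suite without SHA256/SHA384 in its name is also redirected, while a client that cannot validate the server certificate usually aborts the handshake and never sends a request, so mod_rewrite never sees it. And the `!^/error/` condition matters: the custom document is served through the same rules, so without that exclusion the error page itself would be rewritten again.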
