Very confused about Re-negotiation request failed (and SSLInsecureRenegotiation)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Very confused about Re-negotiation request failed (and SSLInsecureRenegotiation)
From: "Denis BUCHER (lists)" <dbucherml@xxxxxxxxxxxxx>
Date: Sat, 09 Feb 2013 20:09:50 +0100
Organization: Horus Digital Solutions Sàrl
Reply-to: users@xxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130107 Thunderbird/17.0.2

Dear all,

Many users (but not all) are complaining that they can't access our SSL webserver.

After some research I found two kind of error in apache logs :
a) Re-negotiation request failed / SSL Library Error: 336068931 error:14080143:SSL routines:SSL3_ACCEPT:unsafe legacy renegotiation disabled
b) Re-negotiation handshake failed: Not accepted by client!?

At first I really don't understand at all why this could happen ?

And secondly, I found some advices to add the "

SSLInsecureRenegotiation
      on" option. Is it a solution, and is it only for very old browsers
      or can it be required for still in use browsers ?

      

      Thanks in advance for some help or any hint :-)

      

      Best regards,

Denis

Follow-Ups:
- RE: Very confused about Re-negotiation request failed (and SSLInsecureRenegotiation)
  - From: Edward Quick

Prev by Date: Re: LoadBalancingIssue - Users are not distributed equally among users
Next by Date: RePost: [users@httpd] Proxy Config Problem
Previous by thread: internal redirects in httpd.conf
Next by thread: RE: Very confused about Re-negotiation request failed (and SSLInsecureRenegotiation)
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]