Re: Apache supports client initiated renegotiation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Re: Apache supports client initiated renegotiation
From: Hemant Chaudhary <hemantdude.chaudhary@xxxxxxxxx>
Date: Thu, 19 Apr 2018 23:56:26 +0530
In-reply-to: <CAKcRo04EHLtF3jj2CeNMEYPFP6do38uYtJWu6GfzH=pJmawYzA@mail.gmail.com>
Reply-to: users@xxxxxxxxxxxxxxxx

Hi All,

Any help on this issue.

My openssl is sending Secure client initiated renegotiation but my apache server is rejecting because it is client initiated. I checked custom log and it shows my apache supports secure renegotiation.

Can somebody has tried secure renegotiation in apache. How to enable client initiated secure renegotiation ?

Thanks

Hemant

On Thu, Apr 19, 2018 at 3:03 PM, Hemant Chaudhary <hemantdude.chaudhary@xxxxxxxxx> wrote:

Hi Team,

I tried to send request from openssl-1.0.2d to Apache server-2.4.25 for ssl renegotiation using command "openssl s_client -connect IP:PORT". I got error RENEGOTIATING
2283136:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:s3_pkt.c:656. I checked in error log, error is [client 15.213.82.149:52145] AH02042: rejecting client initiated renegotiation.

I got SSL_SECURE_RENEG true in my custom log, it means we are supporting Secure Renegotiation. But how should I enable client initiated ssl renegotiation ?

Thanks
Hemant

References:
- Apache supports client initiated renegotiation
  - From: Hemant Chaudhary

Prev by Date: Re: Logging in apache
Next by Date: apache 2.4 email autoconfig and autodiscover configuration
Previous by thread: Apache supports client initiated renegotiation
Next by thread: mod_ratelimit working by steps ?
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]