Disabling client initiated renegotiation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Disabling client initiated renegotiation
From: Chris Hill <chris.hillsec@xxxxxxxxx>
Date: Sat, 9 Apr 2011 18:00:49 -0400
Reply-to: users@xxxxxxxxxxxxxxxx

Hi all,

My company relies on Apache for a number of customer facing sites. What's a reliable way to disable client initiated renegotiation (both secure and insecure renegotiation)?. I know one specific openssl library (l) disables this, but then later ones enable "secure" renegotiation, which we need to disable.

Ideally, I'd like a solution through an configuration parameter so that future versions/upgrades do not re-enable renegotiation.

Thanks for your help.

Regards,
Chris.

Follow-Ups:
- Re: Disabling client initiated renegotiation
  - From: Mark Montague

Prev by Date: Connection timed out: proxy: HTTP: attempt to connect
Next by Date: Re: Disabling client initiated renegotiation
Previous by thread: Connection timed out: proxy: HTTP: attempt to connect
Next by thread: Re: Disabling client initiated renegotiation
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]