Re: [squid-users] disable ssl client renegotiating

From: <amaury_at_tin.it>
Date: Mon, 17 Mar 2014 15:41:59 +0100 (CET)

Yes, I'm talking about ssl client renegotiating and the possibility(?)
to disable (for security reason RFC5746).

To verify this point you can
use the command:
openssl s_client -connect xxxxx:443
after that you
have run this command if you write R(RENEGOTIATING) if you an answer
like:
RENEGOTIATING
depth=3 C = US, O = "VeriSign, Inc.", OU = Class 3
Public Primary Certification Authority
verify return:1
.....
the
renegotiating is enable but you receive
R
RENEGOTIATING
140567431063208:
error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:
s3_pkt.c:596:
the renegotiating is disable.

I'm sorry if I'm not been
clear before.

Thank you

Regards,
Maurizio
Received on Mon Mar 17 2014 - 14:42:07 MDT

This archive was generated by hypermail 2.2.0 : Mon Mar 17 2014 - 12:00:05 MDT