Re: Apache and TLS renegocitation

To: "Emmanuel Dreyfus" <manu%netbsd.org@localhost>
Subject: Re: Apache and TLS renegocitation
From: "David Magda" <dmagda%ee.ryerson.ca@localhost>
Date: Tue, 21 Jun 2011 11:30:40 -0400

On Tue, June 21, 2011 02:06, Emmanuel Dreyfus wrote:
> Hello everybody
>
> It seems difficult to re-enable TLS renegociation with Apache. As I
> understand, I need:
[...]
> Anyone has hints on how to re-enable that?

You also need:
3)  a client that also implements RFC 5746.

By default Apache won't enable renegotiation unless it detects RFC 5746 on
the other end. To enable it for all clients (patched and unpatched),
there's this flag:

  http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslinsecurerenegotiation

Which client/s are you connecting with to test with?

References:
- Apache and TLS renegocitation
  - From: Emmanuel Dreyfus

Prev by Date: Industrial catalog 21.5.2011
Next by Date: Re: Apache and TLS renegocitation
Previous by Thread: Apache and TLS renegocitation
Next by Thread: Re: Apache and TLS renegocitation
Indexes:

Home | Main Index | Thread Index | Old Index