SSL renegotiation was identified as a security hole in SSL processing. It is normally disabled in 0.9.8l.
Carter Carter Browne CBCS cbro...@cbcs-usa.com 781-721-2890 Lou Picciano wrote: > Anyone have any ideas on this? > > Have recently updated an otherwise working environment to include > openSSL v0.9.8l. Suddenly, mod_ssl is reporting: > > Re-negotiation handshake failed: Not accepted by client!? > > Other than a refresh of CRL, this configuration has been running AOK > through openSSL 0.9.8k... > Before we embark on the complete rebuild of the server: Would a > version of mod_ssl compiled against 0.9.8k utterly choke on 0.9.8l? > > Many thanks in advance, Lou ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
