SSL renegotiation was identified as a security hole in SSL processing. It is normally disabled in 0.9.8l.
Carter Carter Browne CBCS [email protected] 781-721-2890 Lou Picciano wrote: > Anyone have any ideas on this? > > Have recently updated an otherwise working environment to include > openSSL v0.9.8l. Suddenly, mod_ssl is reporting: > > Re-negotiation handshake failed: Not accepted by client!? > > Other than a refresh of CRL, this configuration has been running AOK > through openSSL 0.9.8k... > Before we embark on the complete rebuild of the server: Would a > version of mod_ssl compiled against 0.9.8k utterly choke on 0.9.8l? > > Many thanks in advance, Lou ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
