Ø Can you please elaborate?
Ø
One side of your connection, and it could be either the client or the server,
is doing the old-style (OpenSSL calls it LEGACY) renegotiation and the other
side is rejecting it. One use for renegotiation is to get a client cert, for
example. For information about that, google:
https://www.google.com/search?q=tls+insecure+renegotiation
or perhaps just ‘feeling lucky’ and go here:
http://www.digicert.com/news/2011-06-03-ssl-renego.htm
--
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: rs...@jabber.me<mailto:rs...@jabber.me>; Twitter: RichSalz
