How can I test if my server is vulnerable for SSL renegotiation?
I tried the following (using `OpenSSL 0.9.8j-fips 07 Jan 2009`:
`openssl s_client -connect 10.2.10.54:443`
I see it connects, it brings the certificate chain, it shows the server
certificate, and last:
SSL handshake
I got the libraries compiled and a test application (in fact something
calling all the crypto (vs ssl) C tests and displaying results) which
passed the Windows Store apps checks.
Now, how to proceed further?
Thanks
francis.dup...@fdupont.fr
