Matt,
Thanks a ton for this intel and taking time to provide this answer! This is
great backstory and information on what the message actually is telling me.
Cheers and happy Friday!
On Fri, Mar 26, 2021 at 5:19 AM Matt Caswell wrote:
>
>
> On 25/03/2021 21:59, Shaun Robbins wrote:
> > While t
On 25/03/2021 21:59, Shaun Robbins wrote:
While trying to disable renegotiation the response from openssl reads
"Secure Renegotiation IS supported" even though renegotiation is failing.
Up until 2009 we just had "Renegotiation" as a concept. Then along came
a man-in-the-middle attack on suc
While trying to disable renegotiation the response from openssl reads
"Secure Renegotiation IS supported" even though renegotiation is failing.
OpenSSL Config:
SSL_set_options(ssl_conn, SSL_OP_NO_RENEGOTIATION);
] $openssl s_client -connect localhost:443 -tls1_2
[SNIP]
New, TLSv1.2, Cipher is EC
