Dear Ed,
What's surprising me is that I got more than 10% of users complaining
they can't access our webserver. Are so many people equipped with
outdated browsers ?
Denis
Le 11.02.2013 09:33, Edward Quick a écrit :
Hi Denis,
I've been through exactly the same situation. There isn't anything you
can do from the apache side to fix this apart from enabling insecure
renegotiation, but you shouldn't.
The customers have to fix their end by possibly upgrading to a later
browser in the case of FF/Chrome.
Assuming your customers are on Windows, and using IE8 or below, then
apply http://support.microsoft.com/kb/980436. Windows SP3 is a
prerequisite.
Hope this helps,
Ed.
------------------------------------------------------------------------
Date: Sat, 9 Feb 2013 20:09:50 +0100
From: dbuche...@hsolutions.ch
To: users@httpd.apache.org
Subject: [users@httpd] Very confused about Re-negotiation request
failed (and SSLInsecureRenegotiation)
Dear all,
Many users (but not all) are complaining that they can't access our
SSL webserver.
After some research I found two kind of error in apache logs :
a) Re-negotiation request failed / SSL Library Error: 336068931
error:14080143:SSL routines:SSL3_ACCEPT:unsafe legacy renegotiation
disabled
b) Re-negotiation handshake failed: Not accepted by client!?
At first I really don't understand at all why this could happen ?
And secondly, I found some advices to add the
"|SSLInsecureRenegotiation on" option. Is it a solution, and is it
only for very old browsers or can it be required for still in use
browsers ?
Thanks in advance for some help or any hint :-)
Best regards,
|Denis
