You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Hemant Chaudhary <he...@gmail.com> on 2018/04/19 09:33:34 UTC

[users@httpd] Apache supports client initiated renegotiation

Hi Team,

I tried to send request from openssl-1.0.2d to Apache server-2.4.25 for ssl
renegotiation using command "openssl s_client -connect IP:PORT". I got
error RENEGOTIATING
2283136:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake
failure:s3_pkt.c:656. I checked in error log, error is [client
15.213.82.149:52145] AH02042: rejecting client initiated renegotiation.

I got SSL_SECURE_RENEG true in my custom log, it means we are supporting
Secure Renegotiation. But how should I enable client initiated ssl
renegotiation ?



Thanks
Hemant

[users@httpd] Re: Apache supports client initiated renegotiation

Posted by Hemant Chaudhary <he...@gmail.com>.

Hi All,

Any help on this issue.
 My openssl is sending Secure client initiated renegotiation but my apache
server is rejecting because it is client initiated. I checked custom log
and it shows my apache supports secure renegotiation.

Can somebody has tried secure  renegotiation in apache. How to enable
client initiated secure renegotiation ?

Thanks
Hemant

On Thu, Apr 19, 2018 at 3:03 PM, Hemant Chaudhary <
hemantdude.chaudhary@gmail.com> wrote:

> Hi Team,
>
> I tried to send request from openssl-1.0.2d to Apache server-2.4.25 for
> ssl renegotiation using command "openssl s_client -connect IP:PORT". I got
> error RENEGOTIATING
> 2283136:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake
> failure:s3_pkt.c:656. I checked in error log, error is [client
> 15.213.82.149:52145] AH02042: rejecting client initiated renegotiation.
>
> I got SSL_SECURE_RENEG true in my custom log, it means we are supporting
> Secure Renegotiation. But how should I enable client initiated ssl
> renegotiation ?
>
>
>
> Thanks
> Hemant
>