On Fri, Jul 17, 2015 at 9:18 AM, Yann Ylavic <[email protected]> wrote:
> Attached are the logs from both httpd and s_client, where we can see
> that httpd somehow expects a client certificate during the
> renegotiation (without sending any certificate request...), while
> s_client obviously does not send anything like that (but its key
> exchange).
>
> I can't explain that... I'd need to debug.
> Does this ring someone's bell?

Sure. AIUI, LibreSSL stripped out TLS renegotiation as an 'unsafe thing'. Some of our tests demonstrate per-dir renegotiation for stricter SSL ciphers or client certs in specific contexts, but this would not be a supported feature under LibreSSL if I understood their scope changes correctly. The test is right, IMHO.

Bill
