Hi Rajan, Thank you for the explanation, I have a better understanding now.
But why a client would need to renegotiate all the time ? I don't know any setting on the client side to workaround. Does this mean that most browsers need to be updated as well ? Regards, JC Le samedi 28 novembre 2009 à 19:01 +0530, tensy joseph a écrit : > Hi Jean, > > You are getting this error because either client or server is trying > to renegotiate the session. The OpenSSL team has applied the patch > which will disable all the renegotiation and hence will break all > renegotiation attempt .This patch is released to take care of Security > Vulnerabilty Issue CVE-2009-3555. If the client needs to do > renegotiation then you will have to live with a vulnerable server for > now. > > Thanks > Rajan > > 2009/11/28 Jean-Christophe Baptiste <j...@phocean.net> > Hi all, > > I can confirm the following issue : > http://www.mail-archive.com/openssl-users@openssl.org/msg59562.html > > As an openSUSE user, I reported the bug there : > https://bugzilla.novell.com/show_bug.cgi?id=558176 > > They applied the same patch and I am having the same "Exit: > error in > SSLv3 read client hello A" error. > > How many people are aware of it ? Is there any patch yet ? > > Thank you for your help, > > JC > >
signature.asc
Description: Ceci est une partie de message numériquement signée
