Thanks for the reply. I am currently resetting the below flag by resetting using SSL_CTX_clear_options(). Still the handshake fails.
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION Any inputs ? On Wed, Jun 4, 2014 at 6:57 PM, Salz, Rich <rs...@akamai.com> wrote: > Ø Can you please elaborate? > > Ø > > > > One side of your connection, and it could be either the client or the > server, is doing the old-style (OpenSSL calls it LEGACY) renegotiation and > the other side is rejecting it. One use for renegotiation is to get a > client cert, for example. For information about that, google: > > https://www.google.com/search?q=tls+insecure+renegotiation > > or perhaps just ‘feeling lucky’ and go here: > > http://www.digicert.com/news/2011-06-03-ssl-renego.htm > > > > -- > > Principal Security Engineer > > Akamai Technologies, Cambridge, MA > > IM: rs...@jabber.me; Twitter: RichSalz > > >
