TLS: Default secure renegotiation compatability
By default this change will have servers send the renegotiation info extension, but not allow renegotiation. This is accordance with RFC 5746 From to RFC 5746: > In order to enable clients to probe, even servers that do not support > renegotiation MUST implement the minimal version of the extension > described in this document for initial handshakes, thus signaling > that they have been upgraded. With openSSL 3.0 the default it not allow connections to servers without secure renegotiation extension. See https://github.com/openssl/openssl/pull/15127
Loading
Please register or sign in to comment