Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 07 Dec 2009 20:23:49 +0200
From:      Toomas Aas <>
Subject:   Re: SA-09-15 vs Apache with client certificates
Message-ID:  <>
In-Reply-To: <>
References:  <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Toomas Aas wrote:

> Do I understand the "NOTE WELL" section of FreeBSD-SA-09:15 correctly 
> that if I apply the patch then this functionality will no longer work?

Testing confims that my understanding is correct. I applied the patch and 
authentication results in "ssl_error_handshake_failure_alert" returned by 
Firefox, whereas the server logs "Re-negotiation handshake failed: Not 
accepted by client!?". So I quickly reversed the patch.

I'm surprised more people aren't getting bitten by this.

Toomas Aas

... If you think nobody cares about you, try missing a couple of payments.

Want to link to this message? Use this URL: <>