Re: ssl: unsafe legacy renegotiation

monit-general

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ssl: unsafe legacy renegotiation

From:	sashk
Subject:	Re: ssl: unsafe legacy renegotiation
Date:	Thu, 9 Feb 2023 14:22:50 -0500

Hi,

> Google the error and solution. Either update SSL on the cable modem “server” 
> if you can or modify Monit (the client) yourself. 


Upgrading ssl is not possible on cable modem, therefore as I stated in my 
original email:
>>  It seems re-configuring OpenSSL it is possible to do systemwide, but I 
>> would like to avoid doing so.

I was hoping there is a way, similar to ssl options {version: TLSV1,... } to 
enable this setting just for this particular check in monit, not systemwide, as 
this opens system to CVE-2009-3555.

Thanks.

[Prev in Thread]

Current Thread

[Next in Thread]

ssl: unsafe legacy renegotiation, sashk, 2023/02/09
- Re: ssl: unsafe legacy renegotiation, Jan-Henrik Haukeland, 2023/02/09
  - Re: ssl: unsafe legacy renegotiation, sashk <=
    - RE: ssl: unsafe legacy renegotiation, Rory Toma, 2023/02/09
    - Re: ssl: unsafe legacy renegotiation, SZÉPE Viktor, 2023/02/09
    - Re: ssl: unsafe legacy renegotiation, address@hidden, 2023/02/09
    - Re: ssl: unsafe legacy renegotiation, address@hidden, 2023/02/09

Prev by Date: Re: ssl: unsafe legacy renegotiation
Next by Date: RE: ssl: unsafe legacy renegotiation
Previous by thread: Re: ssl: unsafe legacy renegotiation
Next by thread: RE: ssl: unsafe legacy renegotiation
Index(es):
- Date
- Thread