[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: ssl: unsafe legacy renegotiation
|
From: |
Rory Toma |
|
Subject: |
RE: ssl: unsafe legacy renegotiation |
|
Date: |
Thu, 9 Feb 2023 14:30:08 -0500 |
You could always set up an haproxy or nginx proxy to take care of this.
-----Original Message-----
From: monit-general-bounces+rory=trs80.net@nongnu.org
<monit-general-bounces+rory=trs80.net@nongnu.org> On Behalf Of sashk via This
is the general mailing list for monit
Sent: Thursday, February 9, 2023 2:23 PM
To: This is the general mailing list for monit <monit-general@nongnu.org>
Subject: Re: ssl: unsafe legacy renegotiation
Hi,
> Google the error and solution. Either update SSL on the cable modem “server”
> if you can or modify Monit (the client) yourself.
Upgrading ssl is not possible on cable modem, therefore as I stated in my
original email:
>> It seems re-configuring OpenSSL it is possible to do systemwide, but I
>> would like to avoid doing so.
I was hoping there is a way, similar to ssl options {version: TLSV1,... } to
enable this setting just for this particular check in monit, not systemwide, as
this opens system to CVE-2009-3555.
Thanks.