Debian
lighttpd package

  1. Bug #1832295
  2. Comment #7

Comment 7 for bug 1832295

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

> Temporary solution is to define `ssl.disable-client-renegotiation = "disable"`
> But it's not safe.

Actually that should be the new default. Client-renegotiation is no longer supported at all, and shouldn't be neither offered or accepted.