How can we avoid client-initiated renegotiation of the TLS/SSL connection in Wildfly 11?
I have tried to add -Dsun.security.ssl.allowUnsafeRenegotiation=false -Dsun.security.ssl.allowLegacyHelloMessages=false -Dsun.security.ssl.allowUnsafeLegacyRenegotiation=false, but scanning still tells that vi have a vulerability on this.
I got it to work using setting jdk.tls.rejectClientInitiatedRenegotiation=true.