1 Reply Latest reply on Jun 29, 2018 3:20 AM by Arild Bjerkenes

    Client-initiated renegotiation of the TLS/SSL connection

    Arild Bjerkenes Newbie

      How can we avoid client-initiated renegotiation of the TLS/SSL connection in Wildfly 11?

       

      I have tried to add -Dsun.security.ssl.allowUnsafeRenegotiation=false -Dsun.security.ssl.allowLegacyHelloMessages=false -Dsun.security.ssl.allowUnsafeLegacyRenegotiation=false, but scanning still tells that vi have a vulerability on this.