We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Barracuda Web Application Firewall

WAF - External - SSL lab showing "Secure Renegotiation" error

  • Type: Knowledgebase
  • Date changed: one year ago
Solution # 00007707

Scope: WAF Firmware: 7.9 and above.

Platform: Any


Issue: When we run a scan on SSL lab for the SSL website hosted on WAF, it is giving “Secure Renegotiation Supported” error.

 

Solution/Explanation:
 WAF during SSL handshake in server-hello message advertise the support for secure-renegotiation. But, when a client actually tries to do secure renegotiation, WAF will be reject the handshake message due to the vulnerability.

SSL labs are showing the error based on the secure renegotiation support that we advertise in the SSL handshake rather than really performing SSL renegotiation. No fix is required on WAF.




Link to This Page: