EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Support for "secure renegotiation"?

Posted: 02/26/2015 07:41:02
by Nicklas Bergfeldt (Standard support level)
Joined: 12/04/2007
Posts: 19


I'm so close now... SSL Labs online test tool just says that "There is no support for secure renegotiation. Grade reduced to A-."

What is required in order to support "secure renegotiation" with Indy10 and TElIndySSLServerIOHandler?
- Some special cipher?
- Some setting?
- Code?
- ...?

Currently the following settings are applied:
Protocols enabled: TLS 1, TLS 1.1, TLS 1.2
Ciphers enabled: DHE-RSA-AES256-SHA, DHE-RSA-CAMELLIA256-SHA
RenegotiationAttackPreventionMode: rapmStrict

Best regards,
Posted: 02/26/2015 12:33:16
by Ken Ivanov (Team)

Hi Nicklas,

To get support for secure renegotiation with Indy-based server component you will need a fresh copy of SBIndyServerIOHandler10.pas which has not been published yet. I will create a Helpdesk ticket for you now and post the updated unit there, along with instructions of use.

Posted: 02/27/2015 07:31:37
by Nicklas Bergfeldt (Standard support level)
Joined: 12/04/2007
Posts: 19

Great support as always!

Thanks - it works great!



Topic viewed 669 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!