EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Support for "secure renegotiation"?

Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages
#32345
Posted: 02/26/2015 07:41:02
by Nicklas Bergfeldt (Standard support level)
Joined: 12/04/2007
Posts: 19

Hello,

I'm so close now... SSL Labs online test tool just says that "There is no support for secure renegotiation. Grade reduced to A-."

What is required in order to support "secure renegotiation" with Indy10 and TElIndySSLServerIOHandler?
- Some special cipher?
- Some setting?
- Code?
- ...?

Currently the following settings are applied:
Protocols enabled: TLS 1, TLS 1.1, TLS 1.2
Ciphers enabled: DHE-RSA-AES256-SHA, DHE-RSA-CAMELLIA256-SHA
RenegotiationAttackPreventionMode: rapmStrict

Best regards,
Nicklas
#32356
Posted: 02/26/2015 12:33:16
by Ken Ivanov (EldoS Corp.)

Hi Nicklas,

To get support for secure renegotiation with Indy-based server component you will need a fresh copy of SBIndyServerIOHandler10.pas which has not been published yet. I will create a Helpdesk ticket for you now and post the updated unit there, along with instructions of use.

Ken
#32380
Posted: 02/27/2015 07:31:37
by Nicklas Bergfeldt (Standard support level)
Joined: 12/04/2007
Posts: 19

Great support as always!

Thanks - it works great!

Reply

Statistics

Topic viewed 511 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!