error:0A000152:SSL routines::unsafe legacy renegotiation disabled with Shibboleth SP 3.4
Nate Klingenstein
ndk at signet.id
Fri Nov 11 14:33:37 UTC 2022
It turns out the odd one that supported secure renegotiation had an http:// endpoint configured into the MetadataResolver, so the error message is probably accurate in all other cases and misleading only with http://. There is a 302 redirect issued by the HTTP listener on that server to HTTPS.
Still no idea why the configuration option wouldn't have addressed the issue, though.
--------
Signet, Inc.
The Art of Access ®
https://www.signet.id
-----Original message-----
3) Interestingly, one of them *does* support secure renegotiation.
More information about the users
mailing list