My Oracle Support Banner

Is it Possible to Disable and Set Oracle HTTP Server "Secure Client-Initiated Renegotiation" to No? (Doc ID 2380761.1)

Last updated on MARCH 30, 2018

Applies to:

Oracle HTTP Server - Version 11.1.1.1.0 and later
Information in this document applies to any platform.

Goal

There are three related traits of an HTTP Server which are often checked for security reasons:

Secure Renegotiation 
Secure Client-Initiated Renegotiation  
Insecure Client-Initiated Renegotiation

Insecure renegotiation is disabled by default on newer OHS versions, but Secure Client-Initiated Renegotiation may be enabled by default. 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.