Blogging Techstacks

Let me begin by saying "Don't do this unless you are absolutely certain of the nature of ssl connections connecting to your Apache servers!"  OK, with that out of the way, if you need to disable TLS Renegotiation on your Apache sites look to version 0.9.8m or higher of OpenSSL.  From my reading of the release notes, the only production quality version of Apache that is compiled with OpenSSL v0.9.8m is Apache 2.2.15.  This means that if you are still using version 1.3 or version 2.0 and SSL, it's really time to upgrade to 2.2.

Apache v2.2.15 binaries or source when compiled against OpenSSL v0.9.8m actually fixes the TLS renegotiation vulnerability.  If you download the source to compile it yourself and compile against a version of OpenSSL older that 0.9.8m, you will not have these fixes. Unfortunately, the fix needs to be available from the client that is RFC 5746-compliant as well so v2.2.15 introduces a new directive: SSLInsecureRenegotiation that will allow for backwards compatibility for those connections or applications that need them. Enabling this directive though re-introduces the TLS Renegotiation vulnerability however.

I'm maintaining a list of potential issues when TLS renegotiation is disabled on my post from last week. If your customers are not connecting to your apache servers using one of these methods, you should be ok and should not need to worry about setting the SSLInsecureRenegotiation directive but for this upgrade, I do recommend spending more time on regression testing.

If you compile your apache implementation against OpenSSL 0.9.8l, you will completely disable TLS renegotiation. Personally, I would try to stay away from this.

If you need to enable old-style renegotiation, add the following to your SSL configuration on your apache servers: