Thank you for supporting the Cloud Customer Connect Community in 2024. It's a gift to work with you!

Look back
You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

OCI - Receiving openssl "error:0A000152:SSL routines::unsafe legacy renegotiation disabled"

Applies To: 

Oracle Cloud Infrastructure  

Linux OS   

Symptoms

While accessing an secure URL, getting below error message: 

"error:0A000152:SSL routines::unsafe legacy renegotiation disabled"

Cause 

The error mentions unsafe legacy renegotiation.

This error means that you are running as a client attempting to connect to a server that does not support secure renegotiation (the mitigation against CVE-2009-3555) which are now aborted by default in OpenSSL 3.0. (or your corporate firewall not supporting it) 

Unfixed version of renegotiation is known as "unsafe legacy renegotiation" in OpenSSL. The fixed version is known as "secure renegotiation". So either a peer does not have the fix, in which case it will be using "unsafe legacy renegotiation", or it does have the fix in which case it will be using "secure renegotiation". 

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!