[Nagiosplug-help] Disable RFC4507 support issues
holger at CIS.FU-Berlin.DE
Sat Jul 7 12:31:54 CEST 2012
* Andrew Widdersheim <awiddersheim at hotmail.com> [2012-07-06 19:19]:
> * Disable RFC4507 support, to work around SSL negotiation issues with
> (at least) some Tomcat versions
> Saw the above as a fix in the new release which is awesome because it
> is a major pain with some systems.
> The problem I'm seeing is the release notes make it sound as though
> this is done by default but from what I'm seeing the only way to turn
> that fix on is by defining SSL_OP_NO_TICKET using CFLAGS unless I am
> missing something.
This is the commit that introduced the change:
SSL_OP_NO_TICKET is defined by OpenSSL itself, but only by versions
which actually support RFC4507 (that is, versions >= 0.9.8f). The
"#ifdef SSL_OP_NO_TICKET" you probably stumbled over makes sure that the
plugins can be built against older OpenSSL versions.
Are you still seeing SSL negotiation problems when using the new
More information about the Help