MistvanHun
Copper Contributor
Sep 25, 2023

Secure Client-Initiated Renegotiation fail

Hi,

We've got a problem with the IIS web server on our Windows Server 2019.

We got a penetration test with the following error after a testssl check:

  Secure Client-Initiated Renegotiation VULNERABLE (NOT ok), DoS threat

How can I fix this?

Thanks a lot,

Istvan

1 Reply

  • aelhaj
    Copper Contributor
    Open Registry Editor (regedit.exe) and navigate to the following path:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL
    Create or modify a registry entry called DisableRenegoOnClient as a DWORD value. Set its value to 1 to disable client-initiated renegotiation. If the entry already exists, update its value.
    Restart the Serve
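
The registry change from the reply as a script, added here as an example (it is not the poster's code). It assumes an elevated PowerShell session; the parameter names `ValueName` and `Desired` are chosen for illustration, and `DisableRenegoOnServer` is accepted as well because Schannel defines it as the companion value for the server role.

```powershell
# Added example, not from the thread. Run from an elevated PowerShell session.
[CmdletBinding(SupportsShouldProcess)]
param(
    # Default is the value name given in the reply. Schannel also defines
    # DisableRenegoOnServer, which governs the server role of the handshake.
    [ValidateSet('DisableRenegoOnClient', 'DisableRenegoOnServer')]
    [string[]]$ValueName = 'DisableRenegoOnClient',

    # 1 disables renegotiation, 0 re-enables it.
    [ValidateRange(0, 1)]
    [int]$Desired = 1
)

$key = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'

foreach ($name in $ValueName) {
    # Read the current state; a missing value yields $null.
    $current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name

    if ($current -eq $Desired) {
        Write-Output "${name} is already $Desired, nothing to change"
        continue
    }

    # -WhatIf shows the planned change without writing to the registry.
    if ($PSCmdlet.ShouldProcess("$key\$name", "Set DWORD to $Desired")) {
        # -Force overwrites an existing value; -PropertyType pins the type to REG_DWORD.
        New-ItemProperty -Path $key -Name $name -PropertyType DWord -Value $Desired -Force | Out-Null

        # Read the value back so the log records the before and after state.
        $after = (Get-ItemProperty -Path $key -Name $name).$name
        Write-Output "${name}: was '$current', now '$after' (takes effect after a restart)"
    }
}
```

Run it with `-WhatIf` first to see the planned change, then re-run the testssl check after the restart to confirm the finding is gone.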
