Hi! I’m using Let’s Encrypt, and I ran into some weird (to me) errors in the Apache 2 log files:
SSL Library Error: error:14080152:SSL routines:SSL3_ACCEPT:unsafe legacy renegotiation disabled
I was able to reproduce this by surfing to my website using Safari 4 (OSX 10.4.11). Safari can’t display the page at all. Apparently, this older Safari doesn’t know how to handle the SSL-configuration. I was able to fix my problem by putting the following into my .htaccess file:
My question is: does this make my setup less secure? Why isn’t this the default for Let’s Encrypt? Is there a better way to fix this?