We got some requirments for TLS hardening on our web server , One of those is that truncated HMAC should not be supported
We are using Apache 2.2 with OpenSSL 1.0.1 which I am not sure how to disable truncated HMAC for it
does OpenSSL even support truncated HMAC? Wikipedia says it doesn't, and I'm not seeing anything about it on openssl.org.
Retrieving data ...