Question

3
Replies
235
Views
SITTA Member since 2010 3 posts
PEGA
Posted: 4 years ago
Last activity: 4 years ago
Closed

721 - Best practice for Tomcat config param SSLRenegBufferSize ?

Hello team, 

a customer (using HTTPS with a renegotiation policy) is facing HTTP 413 exceptions due to the size of POST requests.

The default Apache value is 131072 https://httpd.apache.org/docs/current/mod/mod_ssl.html, which apparently is not sufficient for a Pega application.

For security reason, they do not want to remove the limit completely.

Is there any best practice value that should be assigned here?

TIA, Andreas

 

Security
Moderation Team has archived post
Share this page LinkedIn