Novell is now a part of Micro Focus

My Favorites


Please to see your favorites.

Firefox error console reports "server does not support RFC 5746, see CVE-2009-3555" error

This document (7008600) is provided subject to the disclaimer at the end of this document.


Novell Access Manager 3.1 Linux based Access Gateway Service on SLES 11
Novell Access Manager 3.1 Support Pack 3 applied


Access Manager configured and working fine - users accessing protected resources on the 
Linux based Access Gateway service (AGS) can authenticate and get access to the applications.
However when hitting a protected resource on the AGS, an error is returned that the AGS
does NOT support rfc 5746 on SSL renogotiations. This was supposedly addressed in Access Manager
3.1 SP3 for all components.

To duplicate:

a) clear Firefox Error Console messages in Firefox by clicking on Tools->Error
Console -> Clear.

b) Go to any URL on the AGS:

c) Look at the error console and you will see multiple messages of the
following format: : server does not support RFC 5746, see CVE-2009-3555


Make sure that the SLES11 platform that the AGS is running on has the latest OpenSSL modules. In our case version 30.22 took care of the issue. The SLES11 SP1 patch would also have taken care of the issue as it ships with



The AGS on Linux uses the openssl libraries from the server itself. The Windows equivalent includes the openSSL binaries.


This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7008600
  • Creation Date:18-MAY-11
  • Modified Date:26-APR-12
    • NetIQAccess Manager (NAM)

Did this document solve your problem? Provide Feedback