Problem statement
We are experiencing an issue using the Production endpoint - example-prod.au.auth0.com - as our deployment pipeline does not allow UnsafeLegacyServerConnect due to security reasons.
Can you please check if the Production endpoint example-prod.au.auth0.com can be updated to support secure renegotiation?
Cause
'UnsafeLegacyServerConnect' is a default option that relates to Open SSL:
https://www.openssl.org/docs/man1.1.1/man3/SSL_CONF_cmd.html
"UnsafeLegacyServerConnect: permits the use of unsafe legacy renegotiation for OpenSSL clients only. Equivalent to SSL_OP_LEGACY_SERVER_CONNECT. Set by default."
Solution
It’s a case by case basis so contact our @support group that will be able to talk with Engineering, investigate that and recommend the approach.