We have an Ubuntu 12.04 server with Tomcat and Nginx webservers on it to serve two different portals. Tomcat is serving on 443 port and Nginx is serving on 8443 port. And this server got latest openssl and libssl.
When I run following command, Nginx port is listing out different TLS Server Extensions than Tomcat port!
openssl s_client -connect myserver.com:8443 -tlsextdebug 2>&1 | grep 'server extension' TLS server extension "renegotiation info" (id=65281), len=1 TLS server extension "EC point formats" (id=11), len=4 TLS server extension "session ticket" (id=35), len=0 TLS server extension "heartbeat" (id=15), len=1 openssl s_client -connect myserver.com:443 -tlsextdebug 2>&1 | grep 'server extension' TLS server extension "renegotiation info" (id=65281), len=1
What is TLS server extension and why I see different list for my two services? Where can I configure them? And are they pose any security risks? I just started reading about TLS and googled for 'server extension' but couldn’t find any helpful information.