SSL/TLS remove/disable renegotiation capabilities

From: Robert Fitzpatrick <robert_at_webtent.org>
Date: Thu, 19 Oct 2023 13:18:40 UTC
As a result of a recent vulnerability scan using the GVM 22.4 scanning 
FreeBSD 13.2, it is recommended to remove/disable renegotiation 
capabilities altogether from/in the affected SSL/TLS service for a 
MEDIUM vulnerability CVE-2011-1473. Looking further t the CVE shows 
DISPUTED, furthermore, it looks like our version of OpenSSL is not 
affected? robert@gvm:~$ openssl version OpenSSL 3.0.2 15 Mar 2022 
(Library: OpenSSL 3.0.2 15 Mar 2022) CVE: 
http://cve.circl.lu/cve/CVE-2011-1473 The host manager of the FreeBSD VM 
will want this mitigated, how could I apply the
|SSL_OP_NO_RENEGOTIATION|option to openssl or other solution?
-- 
Thanks, Robert