SSL renegotiation is vulnerable to the man-in-the-middle attacks. In Access Manager 4.3, it has been disabled by default for all components except Analytics Server.
For information about how to disable it in Analytics Server, see Section 5.2, Disabling SSL Renegotiations.