Firefox 48.0.2 NS_ERROR_NET_INADEQUATE_SECURITY with HTTP2
Hi, since enabling HTTP2 on our server I'm getting the following error message when opening the http address, which 301 redirects to https :
Your connection is not secure
The website tried to negotiate an inadequate level of security.
biobanking.org uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal information which you thought to be safe. The website administrator will need to fix the server first before you can visit the site.
Error code: NS_ERROR_NET_INADEQUATE_SECURITY
Server: Apache/2.4.23 (Win64) OpenSSL/1.0.2h PHP/7.0.8
SSL Config: SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4 SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4 SSLHonorCipherOrder on SSLProtocol all -SSLv3 SSLProxyProtocol all -SSLv3 SSLPassPhraseDialog builtin SSLSessionCacheTimeout 300
In VirtualHost config: - Protocols h2 http/1.1
When I refresh the https address it shows me the same message once, after the next refresh the site is showing up correctly.
Hope you can look into it
Chosen solution
Oops, should've read the documentation better. Apparently I didn't choose the right SSLCipherSuite. I went with the one listed here: https://icing.github.io/mod_h2/howto.html to solve my problem
Read this answer in context 👍 2All Replies (1)
Suluhisho teule
Oops, should've read the documentation better. Apparently I didn't choose the right SSLCipherSuite. I went with the one listed here: https://icing.github.io/mod_h2/howto.html to solve my problem