tls1.0
hi,
since the upgrade to ff 39.0 some sites that support only tls1.0 do not show. This is EXTREMELY annoying (yes I know, security bla bla, contact owner of the site) but our users are not helped with this and it is not always possible to contact the owner of the site. As a workaround we tell our users to use another browser which is quite a shame. Are there any plans to support older tls versions again or at least provide a switch to enable it?
Thanks Obould
เปลี่ยนแปลงโดย OBOULD เมื่อ
วิธีแก้ปัญหาที่เลือก
if you receive that error code when accessing a site, this means that the webserver you're trying to reach is vulnerable to the recently published logjam attack and therefore firefox won't connect: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ https://weakdh.org/
unfortunately this can only be fixed by changing the configuration on the affected web-server.
อ่านคำตอบนี้ในบริบท 👍 0การตอบกลับทั้งหมด (3)
hi obould, tls 1.0 is still supported in firefox - see the "protocols" section of https://www.ssllabs.com/ssltest/viewMyClient.html
if you receive error messages it's probably because particularly insecure/broken cipher suites are used on a web server. in order to know what's going on and if there are workarounds it will probably be necessary to know the url of the websites in question or at least the error code that is shown on these sites...
Hello,
this is the error I get:
An error occurred during a connection to .... SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
เปลี่ยนแปลงโดย OBOULD เมื่อ
วิธีแก้ปัญหาที่เลือก
if you receive that error code when accessing a site, this means that the webserver you're trying to reach is vulnerable to the recently published logjam attack and therefore firefox won't connect: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ https://weakdh.org/
unfortunately this can only be fixed by changing the configuration on the affected web-server.