Avatar for Username

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Meer info

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

tls1.0

  • 3 antwoorden
  • 3 hebben dit probleem
  • 8 weergaven
  • Laatste antwoord van philipp

OBOULD
OBOULD
more options

hi,

since the upgrade to ff 39.0 some sites that support only tls1.0 do not show. This is EXTREMELY annoying (yes I know, security bla bla, contact owner of the site) but our users are not helped with this and it is not always possible to contact the owner of the site. As a workaround we tell our users to use another browser which is quite a shame. Are there any plans to support older tls versions again or at least provide a switch to enable it?

Thanks Obould

hi, since the upgrade to ff 39.0 some sites that support only tls1.0 do not show. This is EXTREMELY annoying (yes I know, security bla bla, contact owner of the site) but our users are not helped with this and it is not always possible to contact the owner of the site. As a workaround we tell our users to use another browser which is quite a shame. Are there any plans to support older tls versions again or at least provide a switch to enable it? Thanks Obould

Bewerkt door OBOULD op

Gekozen oplossing

if you receive that error code when accessing a site, this means that the webserver you're trying to reach is vulnerable to the recently published logjam attack and therefore firefox won't connect: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ https://weakdh.org/

unfortunately this can only be fixed by changing the configuration on the affected web-server.

Dit antwoord in context lezen 👍 0

Alle antwoorden (3)

philipp
philipp
  • Moderator
more options

hi obould, tls 1.0 is still supported in firefox - see the "protocols" section of https://www.ssllabs.com/ssltest/viewMyClient.html

if you receive error messages it's probably because particularly insecure/broken cipher suites are used on a web server. in order to know what's going on and if there are workarounds it will probably be necessary to know the url of the websites in question or at least the error code that is shown on these sites...

OBOULD
OBOULD Vraageigenaar
more options

Hello,

this is the error I get:

An error occurred during a connection to .... SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key) 

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

Bewerkt door OBOULD op

philipp
philipp
  • Moderator
more options

Gekozen oplossing

if you receive that error code when accessing a site, this means that the webserver you're trying to reach is vulnerable to the recently published logjam attack and therefore firefox won't connect: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ https://weakdh.org/

unfortunately this can only be fixed by changing the configuration on the affected web-server.