Firefox – sslv3 broken security protocol

Since the upgrade to 34.0.5, I can no longer access the management web pages of many of our network devices. It gives an error:

Firefox cannot guarantee the safety of your data on 10.32.16.50 because it uses SSLv3, a broken security protocol.
Advanced info: ssl_error_no_cypher_overlap

I made the following changes in about:config

security.tls.version.fallback-limit (default=1, change to 0)
security.tls.version.min (default=1, change to 0)
security.ssl.enable_ocsp_stapling (default = true, change to false)
security.ssl3.* (quite a few are set to disable, enable them all)

ssl3_prefs

 

From https://www.bfccomputing.com/re-enable-sslv3-on-firefox-34/

If you see the error ssl_error_unsupported_version then do the following:

1) Type about:config in the location bar.
2) In the search bar that comes up, enter: security.tls.version.min . Double-click on the entry that comes up and change the value to 0.
3) Do the same for security.tls.version.fallback-limit .
4) Test your broken site. It should work now.

 

UPDATE: This does not work reliably so I’ve start using Firefox Portable as discussed here.

Advertisements

2 thoughts on “Firefox – sslv3 broken security protocol

  1. Pingback: Getting Around SSLv3 being disabled | Random Tech Notes

  2. Pingback: Firefox: “Não é possível se conectar com segurança” (ssl_error_unsupported_version) – Documentos do Administrador

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s