In Firefox version 37.0 getting Secure Connection Failed config parameter version.fallback-limit set to 3. Does this support TLS 1.0 .
In FF 37.0 getting secure connection failed connecting to a website. Works fine in previous version. Config parameter version.fallback-limit default setting is 3. In previous version the default setting was 1. Does the setting version.fallback-limit to 3 mean only TLS1.2 is supported. Any help is appreciated. Secure Connection Failed
The connection to xxxx.xxx.com was interrupted while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.
Additional System Details
- User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; InfoPath.2; .NET4.0C; .NET4.0E; rv:11.0) like Gecko
The website may try to fallback to TLS 1.0 in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.
You can open the about:config page via the location/address bar and use its search bar to locate this pref:
You can double-click the line to modify the pref and add the domain (full domain) to this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). You should only see domains separated by a comma in the value column.
I think you have diagnosed the change in Firefox 37 correctly. Many web servers, for whatever reason, are configured to use TLS 1.0 and only TLS 1.0. The preference that cor-el mentioned allows you to try a site-specific exception to the general fallback rule. It should work immediately, that is, after you save the exception and reload the page, Firefox should connect using TLS 1.0 if that is the only issue.
Thanks for the reply. With the default out of the box Firefox 37 setting we will not be able to connect to sites which support TLS 1.0 only ( old web server) . Is this a correct statement. We are in the process of upgrading to TLS 1.2.
That is how it looks to me so far.