Avatar for Username

ابحث في الدعم

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

is there a workaround for connecting with https. the ssl/tls security fix is preventing us from connecting to a known trusted site

  • 3 ردود
  • 2 have this problem
  • 14 views
  • آخر ردّ كتبه cor-el

dgersten
dgersten
more options

i made the mistake of updating Firefox yesterday and with the ssl security fix find that i can longer connect to a web site at a remote data center that is protected by a fortigate appliance.

i know the correct answer is to get the appliance upgraded or replaced but in the meantime i am in desperate need of a workaround. it would be nice if there was an archive of old Firefox versions.

i have changed the config settings to allow renegotiation but i think the problem is more fundamental than that in that it doesn't appear that older versions of ssl are provided anymore.

i made the mistake of updating Firefox yesterday and with the ssl security fix find that i can longer connect to a web site at a remote data center that is protected by a fortigate appliance. i know the correct answer is to get the appliance upgraded or replaced but in the meantime i am in desperate need of a workaround. it would be nice if there was an archive of old Firefox versions. i have changed the config settings to allow renegotiation but i think the problem is more fundamental than that in that it doesn't appear that older versions of ssl are provided anymore.

الحل المُختار

The "The connection was reset" error message can be caused by a bug fix for the BEAST (Browser Exploit Against SSL/TLS) attack that the server doesn't handle.

See comment 60 in this bug report for workaround, but be aware that this makes you vulnerable to that BEAST attack.

  • bug 702111 - Servers intolerant to 1/n-1 record splitting. "The connection was reset"
Read this answer in context 👍 0

All Replies (3)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

الحل المُختار

The "The connection was reset" error message can be caused by a bug fix for the BEAST (Browser Exploit Against SSL/TLS) attack that the server doesn't handle.

See comment 60 in this bug report for workaround, but be aware that this makes you vulnerable to that BEAST attack.

  • bug 702111 - Servers intolerant to 1/n-1 record splitting. "The connection was reset"
dgersten
dgersten صاحب السؤال
more options

thank you very much. adding NSS_SSL_CBC_RANDOM_IV=0 to my windows 7 environment did the trick. now i just need to remember that i made that change...

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

You're welcome

It is better to use a .cmd or .bat file to set that environment variable and subsequently start Firefox and not set that variable in the system settings as it will there also affect other Gecko (XUL Runner) based software.
Then you can use a shortcut with that cmd file in case you really need it to access that site and run Firefox normally in other cases to be protected. 

set NSS_SSL_CBC_RANDOM_IV=0
start "" "C:\Program Files\Mozilla Firefox\firefox.exe"

Modified by cor-el