Търсене в помощните статии

Избягвайте измамите при поддръжката. Никога няма да ви помолим да се обадите или изпратите SMS на телефонен номер или да споделите лична информация. Моля, докладвайте подозрителна активност на "Докладване за злоупотреба".

Learn More

How do I resolve "Error code: ssl_error_renegotiation_not_allowed"

  • 3 отговора
  • 2 имат този проблем
  • 1 изглед
  • Последен отговор от brian_smith

more options

I am trying to access an internal website that I can access using two other other popular non-FF browsers without issue. How do I resolve "Error code: ssl_error_renegotiation_not_allowed"?

I am trying to access an internal website that I can access using two other other popular non-FF browsers without issue. How do I resolve "Error code: ssl_error_renegotiation_not_allowed"?

Всички отговори (3)

more options

I think that indicates that the server does not support the renegotiation extension.

Firefox 38 removed a temporary preference that could override the built-in behavior of requiring "safe" negotiation. Do you have this preference in your about:config set to true? If so, it is now being ignored as a result of this change:

security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref

Someone encountered this problem and filed a bug for a different server: 1166348 – cannot login to https://sede.educacion.gob.es, a site requiring unsafe renegotiation, with a SSL certificate in Firefox 38. I think the response will be to try to get the site to update its server.

For an internal site, you may want to raise this issue with your IT and refer them to:

If the issue is not on the server itself, possibly it is a proxy.

more options

The website may try to fallback to a lower TLS version in a way that is no longer allowed in current releases or may be using a deprecated cipher suite.

You can open the about:config page via the location/address bar and use its search bar to locate this pref:

  • security.tls.insecure_fallback_hosts

You can double-click the line to modify the pref and add the full domain (TEXT) to the value of this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). There should only be domains separated by a comma in the Value column (example.com,www.example.com).

If this helps then you can contact this website and ask them to look into this and update their security.


more options

I tried adding the IP addresses of the hosts I need to access (192.168.blah.blah) to security.tls.insecure_fallback_hosts but no joy. I there anything else I need to do?.