Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox blocks a site that Safari and Edge don't block

  • 3 replies
  • 1 has this problem
  • 1 view
  • Last reply by rmraya

more options

Hi,

I can open this site with Safari and Microsoft Edge without problems: https://dev.maxprograms.com:8000/

Certificate is properly read and displayed on request.

Firefox refuses to open the site and displays this error: SSL received a record with an incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_READ

I'm absolutely sure the certificate is fine and working. Firefox is able to open another URL in the same server that uses that certificate. The only difference is the server software (one uses Tomcat and the other plain Java 11)

Can anybody tell me what is wrong?

Thanks, Rodolfo

Hi, I can open this site with Safari and Microsoft Edge without problems: https://dev.maxprograms.com:8000/ Certificate is properly read and displayed on request. Firefox refuses to open the site and displays this error: SSL received a record with an incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_READ I'm absolutely sure the certificate is fine and working. Firefox is able to open another URL in the same server that uses that certificate. The only difference is the server software (one uses Tomcat and the other plain Java 11) Can anybody tell me what is wrong? Thanks, Rodolfo

Chosen solution

It works if I disable TLS 1.3

  • security.tls.version.max = 3
  • 1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3;

I think that TLS 1.3 is more strict then previous TLS version and refuses to connect if there is a problem.

Read this answer in context 👍 1

All Replies (3)

more options
more options

Chosen Solution

It works if I disable TLS 1.3

  • security.tls.version.max = 3
  • 1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3;

I think that TLS 1.3 is more strict then previous TLS version and refuses to connect if there is a problem.

more options

Setting security.tls.version in Firefox to 3 helped.

Now I need to learn how to tell the server to set that value.

Thanks!