Add Exception for Hardware Appliance Not Working on 37.0.1
Before I upgraded to v37.0.1 in the last week I was using v31. I used v31 to connect to a EMC VNX5400. The connection to the appliance is a secure connection and when I browsed to the appliance the very first time (many moons ago) I had to add an exception. No biggy. Upgrading over the years it has never been necessary to add an exception again, because I just upgrade FF.
However, after the upgrade to v37.0.1, I browsed to my appliance like always but was confronted with the "This Connection is Untrusted" dialog. Which wouldn't be a problem except, when I click on the "Add Exception" nothing happens.
I have deleted the existing certificate, which was still there by the way, from the certificate store in Options->Advanced->Security.
Manually trying to add the exception also doesn't work. I attach a screenshot of this.
Any ideas why FF is behaving in this way?
- Adobe PDF Plug-In For Firefox and Netscape 11.0.10
- Citrix Receiver Plugin (Win32)
- IE Tab 2 Plug-in for Mozilla/Firefox
- NPRuntime Script Plug-in Library for Java(TM) Deploy
- Next Generation Java Plug-in 11.31.2 for Mozilla browsers
- NVIDIA 3D Vision Streaming plugin for Mozilla browsers
- NVIDIA 3D Vision plugin for Mozilla browsers
- Shockwave Flash 17.0 r0
- Adobe Shockwave for Director Netscape plug-in, version 18.104.22.168
- User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0
If you have the ip of the server you may be able to detect what tls/ssl version its using:
There was an update to the fallback TLS tolerance in Firefox. There are two work arounds, adding the dns name to the list of allowed domains in the about:config page or to change the general fallback limit to 1. The former is a bit more secure since you mentioned that the connection is a secure one.
In order to change your Firefox Configuration please do the following steps :
- In the Location bar, type about:config and press Enter. The about:config "This might void your warranty!" warning page may appear.
- Click I'll be careful, I promise! to continue to the about:config page.
- Later: security.tls.version.fallback-limit = 1 or Former: (borrowed from cor-el)-> security.tls.insecure_fallback_hosts
You can double-click the line to modify the pref and add the full domain to this pref. If there are already websites (domains) in this list then add a comma and the new domain (no spaces). You should only see domains separated by a comma in the value column.