Søg i Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

After upgrading to 27.0.1, I can no longer access one secure site. I now get Error code: ssl_error_bad_mac_alert. This worked before the update.

  • 3 svar
  • 16 har dette problem
  • 38108 visninger
  • Seneste svar af Dravic1on

more options

I am trying to access the GUI administration page of my wireless controller. It is using a cert issued by the vendor that makes it, so the names do not match. I have created a permanent exception for the certificate. Whenever I try to access the site, I now get the following error every time:

Secure Connection Failed

An error occurred during a connection to 172.24.6.10:4343. SSL peer reports incorrect Message Authentication Code. (Error code: ssl_error_bad_mac_alert)

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.

This page worked fine before the most recent update.

Is there a setting or something I can change to allow this page to load?

Valgt løsning

I've also seen issues reported caused by Firefox using some specific cipher suites that aren't supported properly by the server.

A possibility to test this is to disable all SSL cipher suites on the about:config page (i.e. toggle security.ssl3.* prefs that are true to false) and enable one at the time to see if you can find the culprit and keep this suite disabled and reset the others or continue testing to see which ciphers work.
Do a hard refresh of the tab with the 172.24.6.10:4343 page via Ctrl+F5 after each change.

You can open the about:config page via the location bar.

Læs dette svar i sammenhæng 👍 1

Alle svar (3)

more options

I've seen suggestions along the following lines, but haven't really tried to understand this error in detail:

  • Check that computer date and time are current (but if they are wrong, you would have this problem on lots of sites)
  • Power-cycle the router (off and on)
  • Disable Firefox's use of IPv6 addressing (steps) (issue was with a website, not a local device)
  • Check for involvement by your security suite (filtering feature that can go by a variety of names).

On that last point, the more common error code when you expand the "Technical Details" of the error page is:

  • sec_error_untrusted_issuer

A common problem recently is Firefox not being set up to work with your security software. Some security suites include a filtering feature. In order to filter secure connections (HTTPS URLs), the security software presents a fake certificate to Firefox so it can intercept and stand in the middle of the secure connection. To have Firefox trust these certificates, you may need to do something such as import a root certificate, or click something in your security software's settings.

Of course, the problem also could be caused by spyware.

If you have added Exceptions, please check the "Issued by" section on one or two of the exceptions you've made to learn more about the source of this issue.

orange Firefox button (or Tools menu) > Options > Advanced > Certificates mini-tab > "View Certificates" button > Servers tab

Click a certificate and use the View button. The kind of issuer you might find is:

  • Name associated with your security software, such as ESET, BitDefender, etc.
  • Sendori (indicates unwanted software from Sendori)
  • FiddlerRoot (indicates unwanted software named similarly to BrowserSafeguard, BrowserSafe, SafeGuard)
  • Something else

If you have not added Exceptions, you can click the Add Exception button in the error page, then in the dialog click View Certificate or Get Certificate to see the Issued by section. You do not need to finish adding an exception.

What do you see?

more options

Valgt løsning

I've also seen issues reported caused by Firefox using some specific cipher suites that aren't supported properly by the server.

A possibility to test this is to disable all SSL cipher suites on the about:config page (i.e. toggle security.ssl3.* prefs that are true to false) and enable one at the time to see if you can find the culprit and keep this suite disabled and reset the others or continue testing to see which ciphers work.
Do a hard refresh of the tab with the 172.24.6.10:4343 page via Ctrl+F5 after each change.

You can open the about:config page via the location bar.

more options

Thank you both for your suggestions. I had seen the possible solutions of time and ipv6, but those did not help. I cannot recycle the wireless controller, as that would disrupt my business's network too much.

Cor-el, your answer was what worked for me. I went through each security.ssl3. setting like you suggested and found that

security.ssl3.dhe_rsa_des_ede3_sha is where the error was coming from.

With that one set to false, I was able to connect to the admin page again. When I set it back to true, the error comes back.

I also found that specifically any one of the following were needed for teh connection to work as long as the one above was false.

security.ssl3.rsa_aes_128_sha security.ssl3.rsa_aes_256_sha security.ssl3.rsa_des_ede3_sha

so I am leaving the one that caused the error disabled and it is working again.

Thanks!