X
Tap here to go to the mobile version of the site.

Support Forum

Is any option for enable SSL3 version in firefox34 version temporarily ?

Posted

Hello,

upgraded my firefox to latest version , I need to access a bank url, While accessing the url getting following error

=

Firefox cannot guarantee the safety of your data on ========== because it uses SSLv3, a broken security protocol. Advanced info: ssl_error_no_cypher_overlap Learn More…

=

My i know is there any option for enabling SSLv3 in firefox34 for temporarily

Hello, upgraded my firefox to latest version , I need to access a bank url, While accessing the url getting following error =========== Firefox cannot guarantee the safety of your data on ========== because it uses SSLv3, a broken security protocol. Advanced info: ssl_error_no_cypher_overlap Learn More… =========== My i know is there any option for enabling SSLv3 in firefox34 for temporarily

Additional System Details

Installed Plug-ins

  • Shockwave Flash 11.2 r202
  • Mime Type x-skype for Skype Buttons

Application

  • User Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:33.0) Gecko/20100101 Firefox/33.0

More Information

philipp
  • Top 25 Contributor
  • Moderator
5315 solutions 23454 answers

Helpful Reply

hello shyjith_ck, ssl 3.0 is disabled in firefox versions 34 & upwards by default. no legitimate website let alone a bank should still use this vulnerable protocol, please contact their customer service and complain about this issue - if you want to re-enable SSL 3.0, you can do it like this, which will make you vulnerable to the recently published poodle attack though: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.tls.version.min. double-click it, change its value to 0 and restart the browser.

https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

hello shyjith_ck, ssl 3.0 is disabled in firefox versions 34 & upwards by default. no legitimate website let alone a bank should still use this vulnerable protocol, please contact their customer service and complain about this issue - if you want to re-enable SSL 3.0, you can do it like this, which will make you vulnerable to the recently published poodle attack though: enter '''about:config''' into the firefox address bar (confirm the info message in case it shows up) & search for the preference named '''security.tls.version.min'''. double-click it, change its value to '''0''' and restart the browser. https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
James
  • Moderator
1598 solutions 11285 answers

You may need to look for security.tls.version.fallback-limit and Modify that from one to zero also. Otherwise it may still use TLS 1.0 at minimum.

You should reset these preferences so they go back to default after done to be safe.

You may need to look for security.tls.version.fallback-limit and Modify that from one to zero also. Otherwise it may still use TLS 1.0 at minimum. You should reset these preferences so they go back to default after done to be safe.

Modified by James