This thread was archived. Please ask a new question if you need help.
https-access to the router doesn't work beginning with Firefox 33.0
https-access to the home router Linksys wrt610n worked fine till Firefox 32.0.3 The dd-wrt software of this router has self-signed certificate with RSA public key = 512 bits (yes, it's too short nowadays). Starting with Firefox 33.0 and including 34, 35, 36 https-access doesn't work. It is desirable to restore https-behavior like in Firefox 32.0.3 (with warning and ability to make security exception). Please see attachment with result of https-request in different versions of Firefox. Thank you.
hello, do the suggestions from https://support.mozilla.org/en-US/questions/1038487 help in your case?Read this answer in context 👍 1
All Replies (3)
hello, do the suggestions from https://support.mozilla.org/en-US/questions/1038487 help in your case?
Clarification: all screenshots are "Firefox for Windows". FF32.0.3 warns This Connection is Untrusted (Error code: sec_error_unknown_issuer). FF33 informs Secure Connection Failed (Error code: sec_error_invalid_key). FF34 and 35 informs The connection was interrupted. Latest beta FF36.0b7 informs Secure Connection Failed. See similar topic https://support.mozilla.org/en-US/questions/1018618
philipp, thank you! Suggestions from https://support.mozilla.org/en-US/questions/1038487 help me.
Particularly, these tricks: in about:config Modify security.tls.version.min from 1 to 0 sometimes it's necessary also to Modify security.tls.version.fallback-limit from 1 to 0 By the way, FF32.0.3 has security.tls.version.min = 0, by default.
I've tested FF35 and 36.0b7. FF warns This Connection is Untrusted (as FF32.0.3 did, but with another Error code: mozilla_pkix_error_inadequate_key_size)
P.S. But better solution (from security point) is replace old certificates with too short RSA-keys. http://www.dd-wrt.com/wiki/index.php/Web_server#Change_SSL_cert_for_HTTPS_certificates
However, SSLv3 is now insecure, and is soon going to be disabled by default. https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
Modified by pion19