Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Problem with 'require safe negotiation'

  • 3 replies
  • 1 has this problem
  • 1027 views
  • Last reply by pysar

more options

I tried to make a purchase and during one of the redirects Firefox reported that it was unable to establish safe negotiation (error code: SSL_ERROR_UNSAFE_NEGOTIATION). The site that had the problem is https://secure5.arcot.com/ . I have security.ssl.require_safe_negotiation set to true. However, if I set it to false and go to that site, Firefox reports that it uses "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 256 bit keys, TLS 1.2". I am not an expert in ciphers/TLS but the version seems sufficiently new.

I would like to report the problem but I need to know whom to report it. So far, it seems like a Firefox bug. However, I am not a security expect and, perhaps, the site is using a different obsolete SSL version to negotiate. How can I determine what exactly caused the failure?

Modified by pysar

Chosen solution

Hi, sorry to take so long to get back to you. It is not your or Firefox's problem.

If you go to https://secure5.arcot.com/ and then click the Show Site Information which is the i in a circle in the Address Bar then the Right Arrow Point > , Then More Information then the Show Certificate Button it will tell you that they are using a Symantec Certificate. They have all been revoked and are no longer acceptable to any browser do to their issue of loosing and suspect sites having them. Digicert as per this url :

You may want to inform the site if you can.

Please let us know if this solved your issue or if need further assistance.

Read this answer in context 👍 0

All Replies (3)

more options

Chosen Solution

Hi, sorry to take so long to get back to you. It is not your or Firefox's problem.

If you go to https://secure5.arcot.com/ and then click the Show Site Information which is the i in a circle in the Address Bar then the Right Arrow Point > , Then More Information then the Show Certificate Button it will tell you that they are using a Symantec Certificate. They have all been revoked and are no longer acceptable to any browser do to their issue of loosing and suspect sites having them. Digicert as per this url :

You may want to inform the site if you can.

Please let us know if this solved your issue or if need further assistance.

more options
more options

Thanks! I mistakenly thought that the error code was related only to the incorrect protocol version. I will send an email to the seller company.