
How to enable DHE-RSA cipher suite


I enabled DHE-RSA in about:config, as in the image I attached, but it doesn't have any effect. If I enable another cipher suite like ECDHE, it takes effect. Only DHE-RSA does not have any effect. Is it blocked internally or anything? How can I enable the DHE-RSA cipher suite?



All Replies (7)


Unfortunately, the image upload failed. Could you try attaching it to a reply?

https://support.mozilla.org/questions/1230259#question-reply

You also could right-click > Copy, then Paste individual preferences from about:config into a reply.


Here are the images


Hmm, possibly because of Logjam the security.ssl3.dhe_rsa_aes_128_sha and security.ssl3.dhe_rsa_aes_256_sha ciphers are not used any more, even though they are listed in preferences??


Is there no way to enable DHE-RSA? I think there would be some way because there is a DHE-RSA option in config. Why would they just make an option that doesn't work? Then this is a program malformation. I think such a big project like Firefox wouldn't have such a basic fault.


Chosen Solution

Hi zezeon, after further research, these ciphers are not used when TLS 1.3 is enabled, so they seem to have been phased out silently as part of the TLS 1.3 roll-out in bug 1279479.

To see those ciphers on a test page, I needed to disable TLS 1.3 so the initial negotiation was made using TLS 1.2:

security.tls.version.fallback-limit => 3
security.tls.version.max => 3

Example screenshots attached using https://www.ssllabs.com/ssltest/viewMyClient.html

That will probably work for a while because TLS 1.2 is still widely deployed.
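
Added example, not part of the thread and not Mozilla code: a local counterpart to the SSL Labs client test that parses the first TLS record a browser sends to your own test server and reports whether TLS 1.3 and the two DHE-RSA suites are offered. The function names are hypothetical, the parser assumes the ClientHello fits in a single TLS record, and the two sample records are constructed to mirror the behaviour described above rather than captured from Firefox.

```python
import struct

# IANA code points for the two suites behind the about:config prefs in this thread.
DHE_RSA = {0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
           0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"}

def parse_client_hello(record: bytes) -> dict:
    """Return offered cipher suites and protocol versions from one TLS record."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a handshake record carrying a ClientHello")
    hs_len = int.from_bytes(record[6:9], "big")
    hello, pos = record[9:9 + hs_len], 0
    if len(hello) != hs_len:
        raise ValueError("ClientHello is truncated or spans several records")

    def take(n: int) -> bytes:
        nonlocal pos
        if pos + n > len(hello):
            raise ValueError("length field runs past the end of the ClientHello")
        pos += n
        return hello[pos - n:pos]
    def vec(width: int) -> bytes:  # vector with a width-byte length prefix
        return take(int.from_bytes(take(width), "big"))
    def u16s(b: bytes) -> list:
        return [int.from_bytes(b[i:i + 2], "big") for i in range(0, len(b) - 1, 2)]

    versions = u16s(take(2))  # legacy_version, kept if supported_versions is absent
    take(32)                  # random
    vec(1)                    # session_id
    suites = u16s(vec(2))
    vec(1)                    # compression methods
    ext, i = (vec(2) if pos < len(hello) else b""), 0
    while i + 4 <= len(ext):
        etype, elen = struct.unpack("!HH", ext[i:i + 4])
        data = ext[i + 4:i + 4 + elen]
        if etype == 43 and data:  # supported_versions
            versions = u16s(data[1:1 + data[0]])
        i += 4 + elen
    return {"suites": suites, "versions": versions}

def dhe_rsa_report(record: bytes) -> dict:
    info = parse_client_hello(record)
    return {"tls13_offered": 0x0304 in info["versions"],
            "dhe_rsa_offered": [DHE_RSA[s] for s in info["suites"] if s in DHE_RSA]}

# Constructed records modelled on the thread, not captures from Firefox.
SAMPLE_TLS13 = bytes.fromhex("160301003a010000360303" + "00" * 32 +
                             "0000041301c02f01000009002b00050403040303")
SAMPLE_TLS12 = bytes.fromhex("16030100310100002d0303" + "00" * 32 + "000006c02f003300390100")
```

Calling dhe_rsa_report() on the first bytes read from an accepted socket on a test listener shows, before any server-side cipher configuration comes into play, whether the browser is offering DHE-RSA at all.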


See also: bug 1169721 - ssl_error_weak_server_ephemeral_dh_key - TLS_DHE_RSA_WITH_AES_128_CBC_SHA listed in TLS handshake supported ciphers, but not actually supported.


Thanks jscher2000. You saved me. Limiting the TLS version worked. For a long time I was not able to test my software, because no browser is supporting DHE-RSA (suddenly). Now I can move forward. cor-el, thanks too.