X
Tap here to go to the mobile version of the site.

Support Forum

Firefox blocks a site that Safari and Edge don't block

Posted

Hi,

I can open this site with Safari and Microsoft Edge without problems: https://dev.maxprograms.com:8000/

Certificate is properly read and displayed on request.

Firefox refuses to open the site and displays this error: SSL received a record with an incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_READ

I'm absolutely sure the certificate is fine and working. Firefox is able to open another URL in the same server that uses that certificate. The only difference is the server software (one uses Tomcat and the other plain Java 11)

Can anybody tell me what is wrong?

Thanks, Rodolfo

Hi, I can open this site with Safari and Microsoft Edge without problems: https://dev.maxprograms.com:8000/ Certificate is properly read and displayed on request. Firefox refuses to open the site and displays this error: SSL received a record with an incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_READ I'm absolutely sure the certificate is fine and working. Firefox is able to open another URL in the same server that uses that certificate. The only difference is the server software (one uses Tomcat and the other plain Java 11) Can anybody tell me what is wrong? Thanks, Rodolfo

Chosen solution

It works if I disable TLS 1.3

  • security.tls.version.max = 3
  • 1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3;

I think that TLS 1.3 is more strict then previous TLS version and refuses to connect if there is a problem.

Read this answer in context 1

Additional System Details

Installed Plug-ins

  • Shockwave Flash 32.0 r0

Application

  • User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:64.0) Gecko/20100101 Firefox/64.0

More Information

FredMcD
  • Top 10 Contributor
4149 solutions 57921 answers
error code: ssl_error_bad_mac_read See if this helps; https://support.mozilla.org/en-US/questions/1032303 Web search https://www.bing.com/search?q=SSL_ERROR_BAD_MAC_READ
cor-el
  • Top 10 Contributor
  • Moderator
17277 solutions 156165 answers

Chosen Solution

It works if I disable TLS 1.3

  • security.tls.version.max = 3
  • 1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3;

I think that TLS 1.3 is more strict then previous TLS version and refuses to connect if there is a problem.

It works if I disable TLS 1.3 *security.tls.version.max = 3 *1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3; I think that TLS 1.3 is more strict then previous TLS version and refuses to connect if there is a problem.

Question owner

Setting security.tls.version in Firefox to 3 helped.

Now I need to learn how to tell the server to set that value.

Thanks!

Setting security.tls.version in Firefox to 3 helped. Now I need to learn how to tell the server to set that value. Thanks!