X
Tap here to go to the mobile version of the site.

Support Forum

How do I get 128-bit encryption in Firefox 4.0 for a financial website?

Posted

I need 128-bit encryption capability on my web browser in order to use a specific financial website for bill paying, The site's encryption test shows that Firefox 4.0 (newly installed) does not provide that level of security. Help?

I need 128-bit encryption capability on my web browser in order to use a specific financial website for bill paying, The site's encryption test shows that Firefox 4.0 (newly installed) does not provide that level of security. Help?

Chosen solution

Firefox will match the level of encryption the website uses, and Firefox is capable of higher encryption than 128-bit (256-bit if that is what the website uses).

Read this answer in context 13

Additional System Details

Sites Affected

http://

Installed Plug-ins

  • Garmin Communicator Plug-In 2.9.3.0
  • Office Plugin for Netscape Navigator
  • Coupons, Inc. Coupon Printer DLL
  • Coupons, Inc. Coupon Printer Plugin
  • The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Adobe PDF Plug-In For Firefox and Netscape "9.4.3"
  • Google Update
  • BrowserPlus -- Improve your browser! -- http://browserplus.yahoo.com/
  • Shockwave Flash 10.2 r153
  • Garmin Communicator Plug-In 2.9.2.0
  • Picasa plugin
  • Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers
  • 4.0.60129.0
  • Office Live Update v1.5
  • NPWLPG
  • Windows Presentation Foundation (WPF) plug-in for Mozilla browsers

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.0; rv:2.0) Gecko/20100101 Firefox/4.0

More Information

the-edmeister
  • Top 10 Contributor
  • Moderator
3931 solutions 29647 answers

Chosen Solution

Firefox will match the level of encryption the website uses, and Firefox is capable of higher encryption than 128-bit (256-bit if that is what the website uses).

Firefox will match the level of encryption the website uses, and Firefox is capable of higher encryption than 128-bit (256-bit if that is what the website uses).

Question owner

@the-edmeister. Does this "match" occur synchronously with input to the website or is some other means needed? Thank you.

@the-edmeister. Does this "match" occur synchronously with input to the website or is some other means needed? Thank you.
cor-el
  • Top 10 Contributor
  • Moderator
12316 solutions 114011 answers

It depends on which order the server offers. If the server offers 128 bit with a higher priority that 256 bit then Firefox will only select 256 bit if you would disable the 128 bit ciphers.

See also https://www.fortify.net/cgi/ssl_2.pl

It depends on which order the server offers. If the server offers 128 bit with a higher priority that 256 bit then Firefox will only select 256 bit if you would disable the 128 bit ciphers. See also https://www.fortify.net/cgi/ssl_2.pl

Question owner

@cor-el. Sorry, but I'm a novice using technology so your reply has confused me totally. Can you possibly simplify your answer for me? Thanks.

@cor-el. Sorry, but I'm a novice using technology so your reply has confused me totally. Can you possibly simplify your answer for me? Thanks.
CJC 0 solutions 1 answers

Firefox 4 for MAC does not work with the US government's security screening site: www.opm.gov/e-qip. Is there something I need to do on my end to let the e-qip site know that 128-bit high encryption is supported??

I get the following warning when e-qip tests my browser. Then I get kicked out.

Warning - We did not detect that your web browser supports 128-bit high encryption. If you have trouble connecting after you click the "Continue" button below, you will need to upgrade your web browser to a version that supports 128-bit encryption.

Thank you

Firefox 4 for MAC does not work with the US government's security screening site: www.opm.gov/e-qip. Is there something I need to do on my end to let the e-qip site know that 128-bit high encryption is supported?? I get the following warning when e-qip tests my browser. Then I get kicked out. Warning - We did not detect that your web browser supports 128-bit high encryption. If you have trouble connecting after you click the "Continue" button below, you will need to upgrade your web browser to a version that supports 128-bit encryption. Thank you
cor-el
  • Top 10 Contributor
  • Moderator
12316 solutions 114011 answers

Did you try to click the Continue button to see if that works?

Works for me with an AES-256 bit connection.

Did you try to click the Continue button to see if that works? *http://www.opm.gov/e-QIP/browser-check.asp?check Works for me with an AES-256 bit connection. * [http://kb.mozillazine.org/Menu_differences Firefox > Preferences] > Advanced > Encryption: Protocols: SSL 3.0, TLS 1.0
James
  • Top 25 Contributor
  • Moderator
669 solutions 4966 answers

Helpful Reply

I think the www.opm.gov site may be looking for the U that was in the Firefox 3.6 and earlier useragents as it was one of the things removed in Firefox 4.0 and newer useagents. The site says it recognizes the browser but does not detect that your web browser supports 128-bit high encryption which contradicts.

The "U" stands for "USA" (for the version with 128-bit encryption) (since 1996).

I think the www.opm.gov site may be looking for the '''U''' that was in the Firefox 3.6 and earlier useragents as it was one of the things removed in Firefox 4.0 and newer useagents. The site says it recognizes the browser but does not detect that your web browser supports 128-bit high encryption which contradicts. The "U" stands for "USA" (for the version with 128-bit encryption) (since 1996).
cor-el
  • Top 10 Contributor
  • Moderator
12316 solutions 114011 answers

Looks like you are right on that James!
Indeed adding "U;" to the user agent makes the red cross and the warning disappear.

That is however not the proper way to test for the presence of a feature.

Looks like you are right on that James!<br /> Indeed adding "U;" to the user agent makes the red cross and the warning disappear. That is however not the proper way to test for the presence of a feature.
ttz085 0 solutions 2 answers

I get the following error message at the Texas Dept. of Licensing site : Browser 128-Bit SSL Verification Page

Browser Problem! Your Firefox 4.0.1 web browser has 0-Bit Encryption enabled.

This application requires a 128-Bit Encryption web browser, and so it cannot be used by your current browser.

You will need to download a recent version of Microsoft Internet Explorer or Netscape Navigator with 128-Bit Encryption Strength in order to use the secure online payment system.

I get the following error message at the Texas Dept. of Licensing site : Browser 128-Bit SSL Verification Page Browser Problem! Your Firefox 4.0.1 web browser has 0-Bit Encryption enabled. This application requires a 128-Bit Encryption web browser, and so it cannot be used by your current browser. You will need to download a recent version of Microsoft Internet Explorer or Netscape Navigator with 128-Bit Encryption Strength in order to use the secure online payment system.
ttz085 0 solutions 2 answers

where do you type "U" ?

where do you type "U" ?
cor-el
  • Top 10 Contributor
  • Moderator
12316 solutions 114011 answers

You can see the current user agent on the Help > Troubleshooting Information page.

You can try to add "U;" via variations like these for the user agent setting via the pref general.useragent.override to see if that works.
If you update Firefox then you need to adjust the Gecko and Firefox version to reflect the currently installed version.

  • Mozilla/5.0 (Windows NT 6.0; U; rv:2.0.1) Gecko/20100101 Firefox/4.0.1
  • Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:2.0.1) Gecko/20100101 Firefox/4.0.1

You can see the current user agent on the Help > Troubleshooting Information page. You can try to add "U;" via variations like these for the user agent setting via the pref general.useragent.override to see if that works.<br /> If you update Firefox then you need to adjust the Gecko and Firefox version to reflect the currently installed version. *Mozilla/5.0 (Windows NT 6.0; U; rv:2.0.1) Gecko/20100101 Firefox/4.0.1 *Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:2.0.1) Gecko/20100101 Firefox/4.0.1 ---- * http://kb.mozillazine.org/about:config

Modified by cor-el

jfdx 0 solutions 2 answers

is there an upgrade in the works to fix this

is there an upgrade in the works to fix this
James
  • Top 25 Contributor
  • Moderator
669 solutions 4966 answers

To fix what? .. to put back the U because of a the few websites outdated browser sniffing methods looking for the U in useragent?

To fix what? .. to put back the U because of a the few websites outdated browser sniffing methods looking for the U in useragent?
jfdx 0 solutions 2 answers

I don't know, and I don't know if it is only a few. I presume there was a reason for taking the U out. Perhaps to improve some other functionality. As of now, the credit card website where I encountered the problem cannot verify the ability of Firefox to use 128 encryption and requires that the user certify that his browser is capable. In that way they offload the responsibility for the maintaining security of the user's data back to the user.

I don't know, and I don't know if it is only a few. I presume there was a reason for taking the U out. Perhaps to improve some other functionality. As of now, the credit card website where I encountered the problem cannot verify the ability of Firefox to use 128 encryption and requires that the user certify that his browser is capable. In that way they offload the responsibility for the maintaining security of the user's data back to the user.
cor-el
  • Top 10 Contributor
  • Moderator
12316 solutions 114011 answers

It is the consequence of removing as much data as possible from the user agent and only leave the bare minimum.

It is the consequence of removing as much data as possible from the user agent and only leave the bare minimum. *http://hacks.mozilla.org/2010/09/final-user-agent-string-for-firefox-4/
juloneil 0 solutions 2 answers

Does anyone know where to look in Firefox to see if a website HAS SSL encryption? I've come across a site that claims it has encryption, but in other browsers there is a lock icon that indicates this is true and you can check the encryption certificate there. Where is this in Firefox? I looked on http://www.ssl.com and they said Firefox has a lock on the lower left of the status bar. However there is NO status bar in my version of Firefox, no matter how far down I go. (I'm running v 10.0.2, so I think that's the latest and greatest, right?) I'm reasonably sure Firefox would display such an indicator, but I just can't seem to find it. Any suggestions?

Does anyone know where to look in Firefox to see if a website HAS SSL encryption? I've come across a site that claims it has encryption, but in other browsers there is a lock icon that indicates this is true and you can check the encryption certificate there. Where is this in Firefox? I looked on http://www.ssl.com and they said Firefox has a lock on the lower left of the status bar. However there is NO status bar in my version of Firefox, no matter how far down I go. (I'm running v 10.0.2, so I think that's the latest and greatest, right?) I'm reasonably sure Firefox would display such an indicator, but I just can't seem to find it. Any suggestions?
cor-el
  • Top 10 Contributor
  • Moderator
12316 solutions 114011 answers

Helpful Reply

In Firefox 4 and later you no longer have the Status bar that showed the padlock in previous Firefox versions.
The padlock only shows that there is a secure connection and doesn't guarantee that you are connected to the right server.
So you might still be connected to the wrong server if you make a typo in the URL and someone has claimed that mistyped URL.
The functionality of the padlock has been replaced by the How do I tell if my connection to a website is secure? on the left end of the location bar.

See also:

In Firefox 4 and later you no longer have the Status bar that showed the padlock in previous Firefox versions.<br /> The padlock only shows that there is a secure connection and doesn't guarantee that you are connected to the right server.<br /> So you might still be connected to the wrong server if you make a typo in the URL and someone has claimed that mistyped URL.<br /> The functionality of the padlock has been replaced by the [[Site Identity Button]] on the left end of the location bar.<br /> <br /> See also: * https://support.mozilla.org/kb/Site+Identity+Button
juloneil 0 solutions 2 answers

This was incredibly helpful to me. Also, I found a spot on the mozilla website that might be helpful to others, as it illustrates what this looks like. Hopefully this link will work for you, too. Try it and see if this is what you're after: http://support.mozilla.org/en-US/kb/Site%20Identity%20Button

This was incredibly helpful to me. Also, I found a spot on the mozilla website that might be helpful to others, as it illustrates what this looks like. Hopefully this link will work for you, too. Try it and see if this is what you're after: http://support.mozilla.org/en-US/kb/Site%20Identity%20Button