X
Tap here to go to the mobile version of the site.
IMPORTANT ANNOUNCEMENT: We’re going through some system changes, that may have slowed responses to your questions. If you had asked a question in the last couple of months, please re-post it and the community will help you as soon as we can. If you’ve registered after February 7th, please register again, the accounts on the previous site were not migrated to this temporary site. If you joined us before February 7, please reset your password if you have trouble logging into this temporary site.

Support Forum

access to low 40-bit ciphers no longer works with Firefox 19.0

Posted

Since updating to 19.0 I have a problem accessing https servers with old, less-secure ciphers:

Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)

I have used about:config to set security.ssl3.rsa_rc4_40_md5;true, which is how I got this to work for older versions of Firefox. It is still set to true after update to 19.0, but access no longer works.

Since updating to 19.0 I have a problem accessing https servers with old, less-secure ciphers: Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap) I have used about:config to set security.ssl3.rsa_rc4_40_md5;true, which is how I got this to work for older versions of Firefox. It is still set to true after update to 19.0, but access no longer works.

Additional System Details

Installed Plug-ins

  • Google Update
  • Shockwave Flash 11.6 r602
  • Next Generation Java Plug-in 10.13.2 for Mozilla browsers
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • LogMeIn, Inc. Remote Access Components
  • Adobe PDF Plug-In For Firefox and Netscape 10.1.5
  • The QuickTime Plugin allows you to view a wide variety of multimedia content in Web pages. For more information, visit the QuickTime Web site.
  • VLC media player Web Plugin 2.0.2
  • Adobe Shockwave for Director Netscape plug-in, version 11.6.6.636
  • 5.1.10411.0
  • GEPlugin
  • Adobe Shockwave for Director Netscape plug-in, version 11.6.1.629
  • Garmin Communicator Plug-In 2.9.3.0
  • The plug-in allows you to open and edit files using Microsoft Office applications
  • Zeon PDF Plugin For Mozilla
  • Office Authorization plug-in for NPAPI browsers
  • Office Plugin for Netscape Navigator

Application

  • User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:19.0) Gecko/20100101 Firefox/19.0

More Information

cor-el
  • Top 10 Contributor
  • Moderator
14847 solutions 134554 answers

That is the result of the landing of this bug:

  • bug 799007 - Remove support for low/weak/null cipher suites

(please do not comment in bug reports: https://bugzilla.mozilla.org/page.cgi?id=etiquette.html)

That is the result of the landing of this bug: *[https://bugzilla.mozilla.org/show_bug.cgi?id=799007 bug 799007] - Remove support for low/weak/null cipher suites <i>(please do not comment in bug reports: [https://bugzilla.mozilla.org/page.cgi?id=etiquette.html])</i>

Question owner

Thanks cor-el.

I use Firefox to access the management ports of IBM pSeries p5 machines. These run a basic webserver and use https with low-security ciphers. They are not updateable to change this. Up until now, setting security.ssl3.rsa_rc4_40_md5;true has allowed me to continue to use Firefox to access these systems. With this "bug fix", actually a reduction in basic functionality, I can no longer do so. Our production servers are thus currently at risk. Any suggestions as to how I can get this necessary functionality back? Use some sort of "lite" browser just to access these management ports? As FireFox is my browser of choice, I do not want to have to permanently back-level it and expose myself to future security risks.

Thanks cor-el. I use Firefox to access the management ports of IBM pSeries p5 machines. These run a basic webserver and use https with low-security ciphers. They are not updateable to change this. Up until now, setting security.ssl3.rsa_rc4_40_md5;true has allowed me to continue to use Firefox to access these systems. With this "bug fix", actually a reduction in basic functionality, I can no longer do so. Our production servers are thus currently at risk. Any suggestions as to how I can get this necessary functionality back? Use some sort of "lite" browser just to access these management ports? As FireFox is my browser of choice, I do not want to have to permanently back-level it and expose myself to future security risks.

Helpful Reply

Having tried a few "slim" browsers, which all also no longer support 40-bit or 56-bit ciphers, I have reverted to FF 17.03esr, which works a treat.

I shall now progress this issue further with IBM.

Having tried a few "slim" browsers, which all also no longer support 40-bit or 56-bit ciphers, I have reverted to FF 17.03esr, which works a treat. I shall now progress this issue further with IBM.
cor-el
  • Top 10 Contributor
  • Moderator
14847 solutions 134554 answers

Helpful Reply

You can install a portable Firefox (ESR) version to access websites that do not work with the current Firefox release.

You can install a portable Firefox (ESR) version to access websites that do not work with the current Firefox release. *http://portableapps.com/apps/internet/firefox_portable *http://sourceforge.net/projects/portableapps/files/Mozilla Firefox, Portable Ed./ *http://sourceforge.net/projects/portableapps/files/Mozilla%20Firefox%2C%20P.E.%20Legacy/