Right, support for TLS 1.0 and TLS 1.1 has been removed few months ago, but we reverted the change for an undetermined amount of time to better enable access to critical government sites sharing COVID19 information.

Firefox 74 will drop support for TLS 1.0 and TLS 1.1 by Martin Brinkmann on January 10, 2020 in Firefox - 26 comments

Version 74.0 of the Firefox web browser will drop support for the encryption protocols TLS 1.0 and TLS 1.1 entirely. Sites that don't support at least TLS 1.2 will show a "secure connection failed" error page when the change lands preventing users from accessing the sites.

Mozilla and other browser makers including Google, Microsoft and Apple revealed plans in 2018 to deprecate TLS 1.0 and TLS 1.1 in 2020 to improve the security and performance of Internet connections.

The announcement was made well in advance to give webmasters and organizations time to migrate services that still used one of the protocols to a newer protocol.

TLS 1.3 Final was published in 2018 and browser makers like Mozilla or Google implemented support for the new protocol in their browsers. All major web browsers support TLS 1.3 as of today.

While support for better more secure protocols is available, some sites have not migrated to using these protocols exclusively. A Mozilla scan in mid 2019 showed that about 8000 sites of a list with 1 million top sites were not supported TLS 1.2 or higher. The count may be lower by now considering that another six months have passed since the scan was made.

firefox tls 1.0 1.1 deprecation

Starting in Firefox 74, sites that use TLS 1.1 or lower won't load anymore in the browser. The same will happen at around the same time in Google Chrome and other major browsers such as Microsoft Edge or Apple Safari.

I have looked inside the latest firefox (77.0.1 (64-bit)) configuration, and found the following configuration set by default (included in the first image).

Hi Guy, feel free to modify the security.tls.version.min preference as you like, especially if you don't need to use sites that are stuck on an older version. You can double-click the preference to display an editing field, and change the value from 1 to 3 to require at least TLS 1.2. Then press Enter or click the blue check mark button to save the change.

More info on about:config: Configuration Editor for Firefox.

sudaiguy1 said

I have looked inside the latest firefox (77.0.1 (64-bit)) configuration, and found the following configuration set by default (included in the first image).

Hi Guy, feel free to modify the security.tls.version.min preference as you like, especially if you don't need to use sites that are stuck on an older version. You can double-click the preference to display an editing field, and change the value from 1 to 3 to require at least TLS 1.2. Then press Enter or click the blue check mark button to save the change.

More info on about:config: Configuration Editor for Firefox.

I obviously know how to modify the value... I just mentioned that the default should be changed. I marked a different answer as the correct one. Not sure if you understood what I asked

Not sure if you understood what I asked

Of course. Your question was indeed answered by the first reply. But our comments are directed toward everyone who might read this thread after finding it in a search, and some of them might need the steps to override the default, even if you didn't. And since no one else mentioned them, I chipped in with that. Sorry if you felt I was insulting your intelligence.

What information is available about how to re-enable support for TLS 1.0 and 1.1 to connect with Firefox to private websites that have not or cannot be updated to TLS 1.2?

There's a button on the error page for now to re-enable it.