hello, ssl 3.0 is disabled in firefox versions 34 & upwards by default - if you want to re-enable it you can do that like this which will make you vulnerable to the recently published poodle attack though: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.tls.version.min. double-click it, change its value to 0 and restart the browser.

https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

Thanks for your prompt reply.

Is there a way to disable ssl3.0 by default and only enable it for well-specified connections, such as internal systems you know to be safe?

unfortunately it's not possible so set this preference selectively - with the internal firefox preference mentioned before, you can only enable or disable the weak protocol globally.

Not the answer I was hoping for, but probably the best possible solution at this time.

Thanks for your assistance, Philip.

There has to be something related to FireFox here. I simply disabled SSL v3 on a webserver of mine and this error message is displayed, saying SSLv3 is enabled, when it clearly isn't. I have verified it is not enabled, both visually, and also using this link https://www.ssllabs.com/ssltest/

I know it is off, yet FireFox displays the message: Firefox cannot guarantee the safety of your data on my.website.here because it uses SSLv3, a broken security protocol. Advanced info: ssl_error_no_cypher_overlap

What I haven't done is disable SSL2, but all of the ciphers are disabled, so that shouldn't matter. The only protocol I have it configured to support right now is TLS 1.2, since all of my clients using it have browsers that support it. It sounds to me FireFox is detecting SSLv3 incorrectly.

DubStep said

There has to be something related to FireFox here. I simply disabled SSL v3 on a webserver of mine and this error message is displayed, saying SSLv3 is enabled, when it clearly isn't. I have verified it is not enabled, both visually, and also using this link https://www.ssllabs.com/ssltest/ I know it is off, yet FireFox displays the message: Firefox cannot guarantee the safety of your data on my.website.here because it uses SSLv3, a broken security protocol. Advanced info: ssl_error_no_cypher_overlap What I haven't done is disable SSL2, but all of the ciphers are disabled, so that shouldn't matter. The only protocol I have it configured to support right now is TLS 1.2, since all of my clients using it have browsers that support it. It sounds to me FireFox is detecting SSLv3 incorrectly.

Actually check that...SSLv2 is disabled by default, so me explicitly including that line is redundant. If I turn on SSLv3 and also lower the minimum TLS version, Firefox 34.0.5 works. If I turn it off, Firefox ceases to work. Chrome still works fine with TLS 1.2. Even freaking Internet Explorer 11 works fine. Firefox is the only one with the issue. Something tells me it's ciphers, but I used the modern and intermediate settings here https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29 and it didn't make a difference, other than changing the rating on my Qualys scan. My site support the ciphers below. Does Firefox not work with any of these?

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256