Zobrazenie otázok označených: Zobraziť všetky otázky

Mozilla Firefox does not work when disabling the encryption key TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)

Dear Mozilla team, We are a company that develops web systems. The customer’s security service asks us to close all old encryption keys on the server in order to avoid sy… (čítať viac)

Dear Mozilla team,

We are a company that develops web systems. The customer’s security service asks us to close all old encryption keys on the server in order to avoid system vulnerabilities and use only new keys. We disabled most of the old keys and the system works fine on all browsers. As soon as we turn off the encryption key TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014), then all web systems stop working through the Mozilla Firefox browser. (At the same time, everything works correctly on other browsers). The Mozilla Firefox Documentation says that this browser supports new encryption keys and can work without old encryption keys. Link (https://wiki.mozilla.org/Security/Server_Side_TLS). Also on our server are included all the necessary encryption keys for Mozilla Firefox to work.

Do you have any ideas on how to solve this?

Asked by yulyan.karpiy Pred 3 mesiacmi

Last reply by dkeeler Pred 3 mesiacmi

  • Vyriešené
  • Archivované

TLS handshake for minutes, then fail. Computer restart always fixes

This started when I installed V68 on my Mac (I'm on 68.0.2 now, Mac is 10.12.6). About half the time when I start my computer in the morning, when I try to browse *any* … (čítať viac)

This started when I installed V68 on my Mac (I'm on 68.0.2 now, Mac is 10.12.6). About half the time when I start my computer in the morning, when I try to browse *any* site (http or https), I get the TLS handshake attempt that lasts for several minutes, then connection fails.

BUT, *unlike other posts with this problem*, if I restart my computer (restarting FF does not fix it), all is well. A detail (not sure if relevant): the pages my (Comcast) server has local copies of, that is, my home page and a couple of very frequently accessed pages, I can access, but any other site, regardless of http or https, results in the TLS handshake "freeze 'n fail."

  • Edit: I just lost then, 10 mins later, regained my Comcast (internet, mail, cable). I did not re-start computer or FF, but when signal returned, I got the dreaded TLS Handshake Freeze 'N Fail. Again, computer restart let me come here to report.

Asked by ChrisG Pred 9 mesiacmi

Answered by ChrisG Pred 5 mesiacmi

  • Archivované

Can't enable TLS 1.3

I have downloaded both the Nightly and Firefox Dev Edition but non of them can enable TLS 1.3 I have use "about:config" to config the tls max version to "4" (which should… (čítať viac)

I have downloaded both the Nightly and Firefox Dev Edition but non of them can enable TLS 1.3

I have use "about:config" to config the tls max version to "4" (which should be TLS1.3 supported) but nothing happens. I try the https://nghttp2.org:13443/ (which is TLS1.3 supported if I connect it by openssl directly).

Asked by yctung Pred 2 rokmi

Last reply by cor-el Pred 2 rokmi