cancel
Showing results for 
Search instead for 
Did you mean: 

access to low 40-bit ciphers no longer works with Firefox 19.0

Highlighted
New Contributor

access to low 40-bit ciphers no longer works with Firefox 19.0

Since updating to 19.0 I have a problem accessing https servers with old, less-secure ciphers:

Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)

I have used about:config to set security.ssl3.rsa_rc4_40_md5;true, which is how I got this to work for older versions of Firefox. It is still set to true after update to 19.0, but access no longer works.

4 REPLIES
Site Moderator

Re: access to low 40-bit ciphers no longer works with Firefox 19.0

That is the result of the landing of this bug:

  • bug 799007 - Remove support for low/weak/null cipher suites

(please do not comment in bug reports: https://bugzilla.mozilla.org/page.cgi?id=etiquette.html)

New Contributor

Re: access to low 40-bit ciphers no longer works with Firefox 19.0

Thanks cor-el.

I use Firefox to access the management ports of IBM pSeries p5 machines. These run a basic webserver and use https with low-security ciphers. They are not updateable to change this. Up until now, setting security.ssl3.rsa_rc4_40_md5;true has allowed me to continue to use Firefox to access these systems. With this "bug fix", actually a reduction in basic functionality, I can no longer do so. Our production servers are thus currently at risk. Any suggestions as to how I can get this necessary functionality back? Use some sort of "lite" browser just to access these management ports? As FireFox is my browser of choice, I do not want to have to permanently back-level it and expose myself to future security risks.

New Contributor

Re: access to low 40-bit ciphers no longer works with Firefox 19.0

Having tried a few "slim" browsers, which all also no longer support 40-bit or 56-bit ciphers, I have reverted to FF 17.03esr, which works a treat.

I shall now progress this issue further with IBM.

Site Moderator

Re: access to low 40-bit ciphers no longer works with Firefox 19.0

You can install a portable Firefox (ESR) version to access websites that do not work with the current Firefox release.