Search Support

Problem with 'require safe negotiation'

  • 3 trả lời
  • 1 gặp vấn đề này
  • 872 lượt xem
  • Trả lời mới nhất được viết bởi pysar

more options

I tried to make a purchase and during one of the redirects Firefox reported that it was unable to establish safe negotiation (error code: SSL_ERROR_UNSAFE_NEGOTIATION). The site that had the problem is https://secure5.arcot.com/ . I have security.ssl.require_safe_negotiation set to true. However, if I set it to false and go to that site, Firefox reports that it uses "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 256 bit keys, TLS 1.2". I am not an expert in ciphers/TLS but the version seems sufficiently new.

I would like to report the problem but I need to know whom to report it. So far, it seems like a Firefox bug. However, I am not a security expect and, perhaps, the site is using a different obsolete SSL version to negotiate. How can I determine what exactly caused the failure?

Được chỉnh sửa bởi pysar vào

Giải pháp được chọn

Hi, sorry to take so long to get back to you. It is not your or Firefox's problem.

If you go to https://secure5.arcot.com/ and then click the Show Site Information which is the i in a circle in the Address Bar then the Right Arrow Point > , Then More Information then the Show Certificate Button it will tell you that they are using a Symantec Certificate. They have all been revoked and are no longer acceptable to any browser do to their issue of loosing and suspect sites having them. Digicert as per this url :

You may want to inform the site if you can.

Please let us know if this solved your issue or if need further assistance.

Đọc câu trả lời này trong ngữ cảnh 👍 0

All Replies (3)

more options

Giải pháp được chọn

Hi, sorry to take so long to get back to you. It is not your or Firefox's problem.

If you go to https://secure5.arcot.com/ and then click the Show Site Information which is the i in a circle in the Address Bar then the Right Arrow Point > , Then More Information then the Show Certificate Button it will tell you that they are using a Symantec Certificate. They have all been revoked and are no longer acceptable to any browser do to their issue of loosing and suspect sites having them. Digicert as per this url :

You may want to inform the site if you can.

Please let us know if this solved your issue or if need further assistance.

more options
more options

Thanks! I mistakenly thought that the error code was related only to the incorrect protocol version. I will send an email to the seller company.