搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

Learn More

Can I re-enable SSL in Firefox without downgrading? When I hit an SSL-only site, my only current option is to use another browser.

  • 5 回覆
  • 27 有這個問題
  • 58208 次檢視
  • 最近回覆由 Lancer525

more options

Just hit an SSL-only site that I needed to access that FF 35 blocked. I don't see an obvious way to create an exception or re-enable it. We need this option... many users understand POODLE and can make an intelligent decision regarding the risks. TLS has its vulnerabilities as well.

被選擇的解決方法

hello ancistrus, as you know ssl3.0 encrypted connections can be no longer considered secure since an attack vector against them ("POODLE") has become known. please contact the webmaster in charge of the site and urge them to update their encryption to something contemporary. https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

if you want to re-enable ssl 3.0 in firefox you can do that - however keep the consequences in mind, that you will become vulnerable to the attack mentioned above: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.tls.version.min. double-click it, change its value to 0 and restart the browser.

從原來的回覆中察看解決方案 👍 11

所有回覆 (5)

more options

選擇的解決方法

hello ancistrus, as you know ssl3.0 encrypted connections can be no longer considered secure since an attack vector against them ("POODLE") has become known. please contact the webmaster in charge of the site and urge them to update their encryption to something contemporary. https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

if you want to re-enable ssl 3.0 in firefox you can do that - however keep the consequences in mind, that you will become vulnerable to the attack mentioned above: enter about:config into the firefox address bar (confirm the info message in case it shows up) & search for the preference named security.tls.version.min. double-click it, change its value to 0 and restart the browser.

more options

Thanks, exactly what I needed.

more options

You can use this extension to enable SSL3 temporarily for a website that needs SSL3.

more options

What philipp should have mentioned about changing the security.tls.version.min to zero is that this should only be done temporary and not made as a permanent change. You may go to another site and think you were secure when you are not due to it using the vulnerable SSL 3.0.

more options

"contact the webmaster in charge of the site and urge them to update their encryption to something contemporary."

Is the least helpful comment one could imagine.

It's a government website. YOU try getting in touch with one of their webmasters and getting them to do anything.