X
點擊此處開啟此網站的行動版。

技術支援討論區

此討論串已經關閉並封存。 如果您有需要幫助,請新增一個新問題

ssl_error_bad_mac_read error on credit card payment

已張貼

I'm trying to process a credit card payment for Norwegian Airlines. When taking me to the Verified by Visa page on my credit card account ( https://www.vpv.scddesjardins.com/ ) I get the secured connection failed page: "An error occurred during a connection to www.vpv.scddesjardins.com. SSL received a record with an incorrect Message Authentication Code. (Error code: ssl_error_bad_mac_read) " Their server seems to be still running SSL 3.0 and some other terrible things, but on another website I had this issue I got a different error message. Should I be contacting my credit card company, and if so what should I be asking them to do? I can't give a public page, obviously, and though I tried to test it on Chrome, they're charging me 7 EUR more for the flight on Chrome than Firefox (just another reason to use FF!).

I'm trying to process a credit card payment for Norwegian Airlines. When taking me to the Verified by Visa page on my credit card account ( https://www.vpv.scddesjardins.com/ ) I get the secured connection failed page: "An error occurred during a connection to www.vpv.scddesjardins.com. SSL received a record with an incorrect Message Authentication Code. (Error code: ssl_error_bad_mac_read) " Their server seems to be still running SSL 3.0 and some other terrible things, but on another website I had this issue I got a different error message. Should I be contacting my credit card company, and if so what should I be asking them to do? I can't give a public page, obviously, and though I tried to test it on Chrome, they're charging me 7 EUR more for the flight on Chrome than Firefox (just another reason to use FF!).

被選擇的解決方法

Or maybe...

When I test that site in Chrome, it says the site uses TLS 1.0, an older version of the SSL standard that Firefox 37 no longer treats as secure. This is a change from Firefox 36.

You can make a site-specific exception for the problem server so Firefox allows TLS 1.0:

Here's how:

(1) Copy the host name of the server address. This is the part between the https:// protocol and the next / character, and not including either of those. In this case: www.vpv.scddesjardins.com

(2) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.

(3) In the search box above the list, type or paste tls and pause while the list is filtered

(4) Double-click the security.tls.insecure_fallback_hosts preference to display a box where you can paste the copied host name. If you have something here already, add a comma at the end before pasting to separate the new host name from the previous name(s). Then click OK to save the change.

When you reload that site, Firefox 37 should display the site (of course, I can't test without the full URL).

從原來的回覆中察看解決方案 19

額外的系統細節

已安裝的外掛程式

  • Adobe PDF Plug-In For Firefox and Netscape 11.0.10
  • GEPlugin
  • Version 5.40.2.0
  • Google Update
  • Intel web components updater - Installs and updates the Intel web components
  • Intel web components for Intel® Identity Protection Technology
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Next Generation Java Plug-in 11.40.2 for Mozilla browsers
  • Shockwave Flash 17.0 r0
  • 5.1.30514.0
  • VLC media player Web Plugin
  • iTunes Detector Plug-in

應用程式

  • User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0

更多資訊

jscher2000
  • Top 10 Contributor
8897 個解決方法 72789 個答案

The error code ssl_error_bad_mac_read is somewhat rare on this forum. Past solutions may have included (sometimes it's hard to tell which suggestion helped):

  • Disabling Firefox from using IPv6 (see that topic in: Firefox can't load websites but other browsers can)
  • Checking for a proxy setting in the Options dialog: "3-bar" menu button (or Tools menu) > Options > Advanced > Network mini-tab > "Settings" button -- try "No Proxy"
  • Fixing a flaky internet connection
  • Removing some extensions (e.g., MaskMe and an old version of DoNotTrackMe)
  • Bypassing the filtering software NetNanny
The error code ssl_error_bad_mac_read is somewhat rare on this forum. Past solutions may have included (sometimes it's hard to tell which suggestion helped): * Disabling Firefox from using IPv6 (see that topic in: [[Firefox can't load websites but other browsers can]]) * Checking for a proxy setting in the Options dialog: "3-bar" menu button (or Tools menu) > Options > Advanced > Network mini-tab > "Settings" button -- try "No Proxy" * Fixing a flaky internet connection * Removing some extensions (e.g., MaskMe and an old version of DoNotTrackMe) * Bypassing the filtering software NetNanny
jscher2000
  • Top 10 Contributor
8897 個解決方法 72789 個答案

選擇的解決方法

Or maybe...

When I test that site in Chrome, it says the site uses TLS 1.0, an older version of the SSL standard that Firefox 37 no longer treats as secure. This is a change from Firefox 36.

You can make a site-specific exception for the problem server so Firefox allows TLS 1.0:

Here's how:

(1) Copy the host name of the server address. This is the part between the https:// protocol and the next / character, and not including either of those. In this case: www.vpv.scddesjardins.com

(2) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.

(3) In the search box above the list, type or paste tls and pause while the list is filtered

(4) Double-click the security.tls.insecure_fallback_hosts preference to display a box where you can paste the copied host name. If you have something here already, add a comma at the end before pasting to separate the new host name from the previous name(s). Then click OK to save the change.

When you reload that site, Firefox 37 should display the site (of course, I can't test without the full URL).

Or maybe... When I test that site in Chrome, it says the site uses TLS 1.0, an older version of the SSL standard that Firefox 37 no longer treats as secure. This is a change from Firefox 36. You can make a site-specific exception for the problem server so Firefox allows TLS 1.0: Here's how: (1) Copy the host name of the server address. This is the part ''between'' the https:// protocol and the next / character, and not including either of those. In this case: '''www.vpv.scddesjardins''.''com''' (2) In a new tab, type or paste '''about:config''' in the address bar and press Enter. Click the button promising to be careful. (3) In the search box above the list, type or paste '''tls''' and pause while the list is filtered (4) Double-click the '''security.tls.insecure_fallback_hosts''' preference to display a box where you can paste the copied host name. If you have something here already, add a comma at the end before pasting to separate the new host name from the previous name(s). Then click OK to save the change. When you reload that site, Firefox 37 should display the site (of course, I can't test without the full URL).

有幫助的回覆

Thanks. I should say that while this workaround worked, I still yelled at the server owners for their woefully out of date and insecure server. If anyone sees this, they should not just apply the workaround and continue using insecure connections as if nothing happened, but get the administrator to update their technology by a decade or two.

Thanks. I should say that while this workaround worked, I still yelled at the server owners for their woefully out of date and insecure server. If anyone sees this, they should not just apply the workaround and continue using insecure connections as if nothing happened, but get the administrator to update their technology by a decade or two.
manjit2970 0 個解決方法 2 個答案

at security.tls.insecure_fallback_hosts preferences I added www.onlinesbi.com, made it OK, started again firefox and checked but the the error is same i.e

"An error occurred during a connection to www.onlinesbi.com. SSL received a record with an incorrect Message Authentication Code. (Error code: ssl_error_bad_mac_read)
   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem."
at security.tls.insecure_fallback_hosts preferences I added www.onlinesbi.com, made it OK, started again firefox and checked but the the error is same i.e "An error occurred during a connection to www.onlinesbi.com. SSL received a record with an incorrect Message Authentication Code. (Error code: ssl_error_bad_mac_read) The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem."