X
點擊此處開啟此網站的行動版。

技術支援討論區

Firefox blocks a site that Safari and Edge don't block

已張貼

Hi,

I can open this site with Safari and Microsoft Edge without problems: https://dev.maxprograms.com:8000/

Certificate is properly read and displayed on request.

Firefox refuses to open the site and displays this error: SSL received a record with an incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_READ

I'm absolutely sure the certificate is fine and working. Firefox is able to open another URL in the same server that uses that certificate. The only difference is the server software (one uses Tomcat and the other plain Java 11)

Can anybody tell me what is wrong?

Thanks, Rodolfo

Hi, I can open this site with Safari and Microsoft Edge without problems: https://dev.maxprograms.com:8000/ Certificate is properly read and displayed on request. Firefox refuses to open the site and displays this error: SSL received a record with an incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_READ I'm absolutely sure the certificate is fine and working. Firefox is able to open another URL in the same server that uses that certificate. The only difference is the server software (one uses Tomcat and the other plain Java 11) Can anybody tell me what is wrong? Thanks, Rodolfo

被選擇的解決方法

It works if I disable TLS 1.3

  • security.tls.version.max = 3
  • 1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3;

I think that TLS 1.3 is more strict then previous TLS version and refuses to connect if there is a problem.

從原來的回覆中察看解決方案 1

額外的系統細節

已安裝的外掛程式

  • Shockwave Flash 32.0 r0

應用程式

  • User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:64.0) Gecko/20100101 Firefox/64.0

更多資訊

FredMcD
  • Top 10 Contributor
4255 個解決方法 59591 個答案
error code: ssl_error_bad_mac_read See if this helps; https://support.mozilla.org/en-US/questions/1032303 Web search https://www.bing.com/search?q=SSL_ERROR_BAD_MAC_READ
cor-el
  • Top 10 Contributor
  • Moderator
17529 個解決方法 158478 個答案

選擇的解決方法

It works if I disable TLS 1.3

  • security.tls.version.max = 3
  • 1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3;

I think that TLS 1.3 is more strict then previous TLS version and refuses to connect if there is a problem.

It works if I disable TLS 1.3 *security.tls.version.max = 3 *1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3; I think that TLS 1.3 is more strict then previous TLS version and refuses to connect if there is a problem.

提出問題者

Setting security.tls.version in Firefox to 3 helped.

Now I need to learn how to tell the server to set that value.

Thanks!

Setting security.tls.version in Firefox to 3 helped. Now I need to learn how to tell the server to set that value. Thanks!