X
Thinta lapha ukuze uye kuveshini yamakhalekhukhwini kusayithi.

Isithangami Sabeseki

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

SSL Certificate problems after update to Firefox 36

Kuphostiwe

Since updating firefox to version 36, all 2048 bit SSL certificates for our client websites are no longer functioning and have the exclamation mark on the address bar. All previous versions of firefox are fine with the site. The site is chancerygroupplc.co.uk.

Any suggestions?

Since updating firefox to version 36, all 2048 bit SSL certificates for our client websites are no longer functioning and have the exclamation mark on the address bar. All previous versions of firefox are fine with the site. The site is chancerygroupplc.co.uk. Any suggestions?

Eminye Imininingwane Yohlelo

Fakela amapulagi

  • Adobe PDF Plug-In For Firefox and Netscape "9.4.0"
  • Adobe PDF Plug-In For Firefox and Netscape 11.0.0
  • A plugin to detect whether the Adobe Creative Cloud is installed on this machine.v_2_0_0_0
  • DivX OVS Helper Plug-in
  • DivX Web Player version 2.1.0.900
  • 1.122.0
  • 0.70.4
  • Google Update
  • NPRuntime Script Plug-in Library for Java(TM) Deploy
  • Next Generation Java Plug-in 10.10.2 for Mozilla browsers
  • BlackBerry WebSL Browser Plug-In
  • RealJukebox Netscape Plugin
  • 12.0.1.609
  • RealPlayer(tm) LiveConnect-Enabled Plug-In
  • RealPlayer(tm) HTML5VideoShim Plug-In
  • Shockwave Flash 13.0 r0
  • Adobe Shockwave for Director Netscape plug-in, version 11.5.9.615
  • 4.1.10329.0
  • NPWLPG
  • Yahoo Application State Plugin version 1.0.0.7
  • iTunes Detector Plug-in

Isisebenziso

  • I-ejenti Engumsebenzisi: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0

Eminye Imininingwane

curtisa 18 izisombululo 124 izimpendulo
Kuphostiwe

Your issue seems a bit more complicated and requires more investigation. We're currently looking into it and we'll get back to you with more details ASAP. Please understand that escalations can take up to 72 hours for a response, but no longer.

Your issue seems a bit more complicated and requires more investigation. We're currently looking into it and we'll get back to you with more details ASAP. Please understand that escalations can take up to 72 hours for a response, but no longer.
guigs 1072 izisombululo 11697 izimpendulo
Kuphostiwe

SHA 256? More information on this type of encryption:

The proposed maintenance:

If we cannot investigate there is a mailing list https://www.mozilla.org/en-US/about/f.../#dev-security-policy

SHA 256? More information on this type of encryption: *[https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/] The proposed maintenance: * [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/maintenance/ Mozilla governance Security Group] If we cannot investigate there is a mailing list [https://www.mozilla.org/en-US/about/forums/#dev-security-policy]

Okulungisiwe ngu guigs

John99 971 izisombululo 13138 izimpendulo
Kuphostiwe

I can not even access chancerygroupplc.co.uk from developer edition.

Running a check on the site using

I see that it is using RC4 which is broken since 2013 See for instance

The site does work using Firefox Release, IE & Chrome. I discover the site appears to be used for secure collection of debts !!

I can not even access chancerygroupplc.co.uk from developer edition. Running a check on the site using * https://www.ssllabs.com/ssltest/analyze.html?d=chancerygroupplc.co.uk I see that it is using RC4 which is broken since 2013 See for instance * https://blog.mozilla.org/security/2013/11/12/navigating-tls/ ** https://wiki.mozilla.org/Security/Server_Side_TLS#RC4_weaknesses *https://community.qualys.com/blogs/securitylabs/2013/03/19/rc4-in-tls-is-broken-now-what? * https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2566 The site does work using Firefox Release, IE & Chrome. I discover the site appears to be used for secure collection of debts !!
John99 971 izisombululo 13138 izimpendulo
Kuphostiwe

P.S. I note it is now a standards RFC https://tools.ietf.org/html/rfc7465

February 2015
Prohibiting RC4 Cipher Suites

Abstract

  This document requires that Transport Layer Security (TLS) clients
  and servers never negotiate the use of RC4 cipher suites when they
  establish connections.  This applies to all TLS versions.  This
  document updates RFCs 5246, 4346, and 2246.
P.S. I note it is now a standards RFC https://tools.ietf.org/html/rfc7465 February 2015 Prohibiting RC4 Cipher Suites Abstract This document requires that Transport Layer Security (TLS) clients and servers never negotiate the use of RC4 cipher suites when they establish connections. This applies to all TLS versions. This document updates RFCs 5246, 4346, and 2246.