Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Avatar for Username

Buscar en Ayuda

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Este tema ha sido archivado. Haz una nueva pregunta si necesitas ayuda.

In Firefox 38.5, how do I ensure it will only use tls 1.2 and not fallback to lower versions or ssl?

  • 2 respuestas
  • 4 tienen este problema
  • 1 visita
  • Última respuesta de mmarino

mmarino
mmarino
more options

I'm using Firefox 38.5 on CentOS 5.6. My current settings in about:config are as follows: security.tls.version.fallback-limit = 3 security.tls.version.max = 3 security.tls.version.min = 1

Are these settings already correct to only allow tls 1.2 or do I need to change the min value to 3 as well?

I'm using Firefox 38.5 on CentOS 5.6. My current settings in about:config are as follows: security.tls.version.fallback-limit = 3 security.tls.version.max = 3 security.tls.version.min = 1 Are these settings already correct to only allow tls 1.2 or do I need to change the min value to 3 as well?

Solución elegida

You would have to set security.tls.version.min = 3 if you really only want to enable TLS 1.2 Note that this will break servers that do not support TLS 1.2

0 means SSL 3.0, 1 means TLS 1.0, 2 means TLS 1.1, 3 means TLS 1.2 etc.

Leer esta respuesta en su contexto 👍 4

Todas las respuestas (2)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Solución elegida

You would have to set security.tls.version.min = 3 if you really only want to enable TLS 1.2 Note that this will break servers that do not support TLS 1.2

0 means SSL 3.0, 1 means TLS 1.0, 2 means TLS 1.1, 3 means TLS 1.2 etc.

Modificadas por cor-el el

mmarino
mmarino Autor de la pregunta
more options

Thanks - excellent answer.