Cannot connect with WRT54GLS interface with v34.0.5
And the error is misleading. Fortunately, ie knows it's a certificate problem, and lets me connect. Not sure when this problem reappeared, in FF, but I coulod still connect, a month ago, perhaps with some v33?
Chosen solution
You can install a portable (ESR) Firefox version to access websites that do not work with the current Firefox release. The portable version comes with its own profile folder and doesn't interfere with the currently installed release version.
- http://portableapps.com/apps/internet/firefox_portable
- http://portableapps.com/apps/internet/firefox-portable-esr
All Replies (8)
This may be because it is trying to use the old vulnerable SSL 3.0 https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
You can try https://addons.mozilla.org/firefox/addon/ssl-version-control/ when you really need to as SSL 3.0 is vulnerable. Do make sure the minimum is TLS 1.0 when possible to be safe.
In about:config you can right-click and Modify security.tls.version.min from 1 to 0
Depending on site you may need to Modify security.tls.version.fallback-limit from 1 to 0 also as otherwise it may still use TLS 1.0 as the minimum also.
After you are done you should right-click these Preferences and select Reset to set them back to default to be safe and not vulnerable in case you use a site that you thought was secure and is not secure due to still using SSL 3.0.
Much thanks, for our reply!
Ok, I can confirm that the workaround of using the ssl version control to set ssl3, along with changing security.tls.version.min from 1 to 0 does allow communication with my WRT54GLS router.
But what is the 'fix'? A new router? Is there a list of routers which ARE supported by the current version and configuration of FF?
Any chance that some future version of FF might recognize that it's trying to talk to a local router and allow this communication? I do see a browser, which won't talk to a router, as being broken ;-p
Short term, I guess I'll use IE, to communicate with router, so that I don't forget to restore ff settings to tls 1 (or higher).
You can check the website of that router to see if this is a known issue and if there is an update available or ask them to look into this.
Are you using the default firmware or a one from say http://dd-wrt.com/site/support/router-database search for say WRT54G.
cor-el said
You can check the website of that router to see if this is a known issue and if there is an update available or ask them to look into this.
Thanks cor-el. This Linksys is an antique - much too old to have tls. It's never had a firmware upgrade (from manufacturer). No help from them.
James said
Are you using the default firmware or a one from say http://dd-wrt.com/site/support/router-database search for say WRT54G.
Again, thanks James,
Yes, checked, there. Only firmware for these old Linksys routers was 2009. Well before TLS, I think.
Fortunately, I can still get to my modem interface, without hoop-jumps - it's a year old docsis3, and does support TLS.
And I've picked-up a very inexpensive router replacement, with TLS support. I didn't mind this, as Linksys security was compromised, long ago.
But what of all the web cams, out there. Almost none support TLS, at this time. I'm thinking there will be a lot of unhappy campers, if/when SSL3 is obsoleted.
Chosen Solution
You can install a portable (ESR) Firefox version to access websites that do not work with the current Firefox release. The portable version comes with its own profile folder and doesn't interfere with the currently installed release version.
Great information, cor-el. Thanks! I'll pass it along. Sounds potentially useful, in many circumstances...