Rechercher dans l’assistance

Évitez les escroqueries à l’assistance. Nous ne vous demanderons jamais d’appeler ou d’envoyer un SMS à un numéro de téléphone ou de partager des informations personnelles. Veuillez signaler toute activité suspecte en utilisant l’option « Signaler un abus ».

En savoir plus

Problem with 'require safe negotiation'

  • 3 réponses
  • 1 a ce problème
  • 2 vues
  • Dernière réponse par pysar

more options

I tried to make a purchase and during one of the redirects Firefox reported that it was unable to establish safe negotiation (error code: SSL_ERROR_UNSAFE_NEGOTIATION). The site that had the problem is https://secure5.arcot.com/ . I have security.ssl.require_safe_negotiation set to true. However, if I set it to false and go to that site, Firefox reports that it uses "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 256 bit keys, TLS 1.2". I am not an expert in ciphers/TLS but the version seems sufficiently new.

I would like to report the problem but I need to know whom to report it. So far, it seems like a Firefox bug. However, I am not a security expect and, perhaps, the site is using a different obsolete SSL version to negotiate. How can I determine what exactly caused the failure?

I tried to make a purchase and during one of the redirects Firefox reported that it was unable to establish safe negotiation (error code: SSL_ERROR_UNSAFE_NEGOTIATION). The site that had the problem is https://secure5.arcot.com/ . I have security.ssl.require_safe_negotiation set to true. However, if I set it to false and go to that site, Firefox reports that it uses "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 256 bit keys, TLS 1.2". I am not an expert in ciphers/TLS but the version seems sufficiently new. I would like to report the problem but I need to know whom to report it. So far, it seems like a Firefox bug. However, I am not a security expect and, perhaps, the site is using a different obsolete SSL version to negotiate. How can I determine what exactly caused the failure?

Modifié le par pysar

Solution choisie

Hi, sorry to take so long to get back to you. It is not your or Firefox's problem.

If you go to https://secure5.arcot.com/ and then click the Show Site Information which is the i in a circle in the Address Bar then the Right Arrow Point > , Then More Information then the Show Certificate Button it will tell you that they are using a Symantec Certificate. They have all been revoked and are no longer acceptable to any browser do to their issue of loosing and suspect sites having them. Digicert as per this url :

You may want to inform the site if you can.

Please let us know if this solved your issue or if need further assistance.

Lire cette réponse dans son contexte 👍 0

Toutes les réponses (3)

more options

Solution choisie

Hi, sorry to take so long to get back to you. It is not your or Firefox's problem.

If you go to https://secure5.arcot.com/ and then click the Show Site Information which is the i in a circle in the Address Bar then the Right Arrow Point > , Then More Information then the Show Certificate Button it will tell you that they are using a Symantec Certificate. They have all been revoked and are no longer acceptable to any browser do to their issue of loosing and suspect sites having them. Digicert as per this url :

You may want to inform the site if you can.

Please let us know if this solved your issue or if need further assistance.

more options
more options

Thanks! I mistakenly thought that the error code was related only to the incorrect protocol version. I will send an email to the seller company.