Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Cannot access SSL website when corporate proxy use man-in-the-middle attack to analyze SSL traffic

more options

Our company uses a proxy which analyzes SSL traffic on some web sites. This is done via man-in-the-middle attack. The proxy generates a new certificate on the fly that it sends to the client, impersonating a secure server. After upgrading on Firefox 10.0 I always get error: HTTP Error Status: 400 Bad Request after confirmation of security exception.

Our company uses a proxy which analyzes SSL traffic on some web sites. This is done via man-in-the-middle attack. The proxy generates a new certificate on the fly that it sends to the client, impersonating a secure server. After upgrading on Firefox 10.0 I always get error: HTTP Error Status: 400 Bad Request after confirmation of security exception.

Asịsa ahọpụtara

Maybe this is related to bug fixes of the BEAST (Browser Exploit Against SSL/TLS) attack

  • bug 702111 - Servers intolerant to 1/n-1 record splitting. "The connection was reset" (see also comment 60)
Gụọ azịza a na nghọta 👍 0

All Replies (2)

more options

Asịsa Ahọpụtara

Maybe this is related to bug fixes of the BEAST (Browser Exploit Against SSL/TLS) attack

  • bug 702111 - Servers intolerant to 1/n-1 record splitting. "The connection was reset" (see also comment 60)
more options

This does not appear to be the same problem. In bug 702111 the page https://store.toto-dream.com/toto/member/ToHPLogin.do could not be opened. I can open this page without problem and the form is shown. The problem I have seems to be related to proxy which analyze SSL traffic generating a certificate on the fly. Usually in these case Firefox gives a security warning. Before version 10.0 I was able to continue and open the page but now after accepting I got the error: "HTTP Error Status: 400 Bad Request"