Secure Connection Failed: intranet with old SSL
Hi, I'm using Firefox 45 and Firefox 47 Developer Edition both 64 bit version on windows. I had a connection problem with intranet of an university. I asked to the administrator, but we still have not found a solution. The website uses the old SSLv3.0. I tried to follow the guide https://support.mozilla.org/en-US/kb/secure-connection-failed-error-message and to change the parameters security.tls.version.fallback-limit;0 e security.tls.version.min;0. It does not work. If I use IE 11 I can use the website and I can import the certificate which is not signed by any CA. I tried to import the certificate into Firefox under the server section since it was not allowed to import into the CA as done for IE. The error is the following:
Secure Connection Failed
The connection to was interrupted while the page was loading.
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the web site owners to inform them of this problem.
Any suggestions? Thank you
Modificato da erotavlas il
Soluzione scelta
The best solution is just for them to stop using old encryption. Even though it's internal, there isn't a great defense for using ancient encryption (breaches happen all the time). If they refuse to update, keep using IE for that internal stuff, Firefox has no option to re-enable SSLv3
Leggere questa risposta nel contesto 👍 1Tutte le risposte (2)
Soluzione scelta
The best solution is just for them to stop using old encryption. Even though it's internal, there isn't a great defense for using ancient encryption (breaches happen all the time). If they refuse to update, keep using IE for that internal stuff, Firefox has no option to re-enable SSLv3
Using IE11 for that site, and encouraging updates, is the best course of action.
It may be that the intranet doesn't involve any truly confidential information, but if it does, they should check the configuration. Does the intranet run on a Windows server? Windows Server 2003 shipped with IIS 6 which supports TLS 1.0. Windows Server 2008 R2 and later support TLS 1.1 and TLS 1.2.