Przeszukaj pomoc

Unikaj oszustw związanych z pomocą.Nigdy nie będziemy prosić Cię o dzwonienie na numer telefonu, wysyłanie SMS-ów ani o udostępnianie danych osobowych. Zgłoś podejrzaną aktywność, korzystając z opcji „Zgłoś nadużycie”.

Więcej informacji

Cannot access SSL website when corporate proxy use man-in-the-middle attack to analyze SSL traffic

  • 2 odpowiedzi
  • 2 osoby mają ten problem
  • 17 wyświetleń
  • Ostatnia odpowiedź od Alberto's Firefox

more options

Our company uses a proxy which analyzes SSL traffic on some web sites. This is done via man-in-the-middle attack. The proxy generates a new certificate on the fly that it sends to the client, impersonating a secure server. After upgrading on Firefox 10.0 I always get error: HTTP Error Status: 400 Bad Request after confirmation of security exception.

Our company uses a proxy which analyzes SSL traffic on some web sites. This is done via man-in-the-middle attack. The proxy generates a new certificate on the fly that it sends to the client, impersonating a secure server. After upgrading on Firefox 10.0 I always get error: HTTP Error Status: 400 Bad Request after confirmation of security exception.

Wybrane rozwiązanie

Maybe this is related to bug fixes of the BEAST (Browser Exploit Against SSL/TLS) attack

  • bug 702111 - Servers intolerant to 1/n-1 record splitting. "The connection was reset" (see also comment 60)
Przeczytaj tę odpowiedź w całym kontekście 👍 0

Wszystkie odpowiedzi (2)

more options

Wybrane rozwiązanie

Maybe this is related to bug fixes of the BEAST (Browser Exploit Against SSL/TLS) attack

  • bug 702111 - Servers intolerant to 1/n-1 record splitting. "The connection was reset" (see also comment 60)
more options

This does not appear to be the same problem. In bug 702111 the page https://store.toto-dream.com/toto/member/ToHPLogin.do could not be opened. I can open this page without problem and the form is shown. The problem I have seems to be related to proxy which analyze SSL traffic generating a certificate on the fly. Usually in these case Firefox gives a security warning. Before version 10.0 I was able to continue and open the page but now after accepting I got the error: "HTTP Error Status: 400 Bad Request"