Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Firefox blocks a site that Safari and Edge don't block

  • 3 个回答
  • 1 人有此问题
  • 1 次查看
  • 最后回复者为 rmraya

more options

Hi,

I can open this site with Safari and Microsoft Edge without problems: https://dev.maxprograms.com:8000/

Certificate is properly read and displayed on request.

Firefox refuses to open the site and displays this error: SSL received a record with an incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_READ

I'm absolutely sure the certificate is fine and working. Firefox is able to open another URL in the same server that uses that certificate. The only difference is the server software (one uses Tomcat and the other plain Java 11)

Can anybody tell me what is wrong?

Thanks, Rodolfo

Hi, I can open this site with Safari and Microsoft Edge without problems: https://dev.maxprograms.com:8000/ Certificate is properly read and displayed on request. Firefox refuses to open the site and displays this error: SSL received a record with an incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_READ I'm absolutely sure the certificate is fine and working. Firefox is able to open another URL in the same server that uses that certificate. The only difference is the server software (one uses Tomcat and the other plain Java 11) Can anybody tell me what is wrong? Thanks, Rodolfo

被采纳的解决方案

It works if I disable TLS 1.3

  • security.tls.version.max = 3
  • 1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3;

I think that TLS 1.3 is more strict then previous TLS version and refuses to connect if there is a problem.

定位到答案原位置 👍 1

所有回复 (3)

more options
more options

选择的解决方案

It works if I disable TLS 1.3

  • security.tls.version.max = 3
  • 1 means TLS 1.0; 2 means TLS 1.1; 3 means TLS 1.2; 4 means TLS 1.3;

I think that TLS 1.3 is more strict then previous TLS version and refuses to connect if there is a problem.

more options

Setting security.tls.version in Firefox to 3 helped.

Now I need to learn how to tell the server to set that value.

Thanks!