搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

Now Firefox 25 support TLSv1.2, how can I enable SHA-2 ciphers?

  • 3 个回答
  • 9 人有此问题
  • 3 次查看
  • 最后回复者为 gsc-frank

more options

I just install Firefox 25 and configure TLS min and max values to 3, then visit this site https://cc.dcsec.uni-hannover.de/ which report no SHA-2 ciphers. What I must do to enable SHA-2 ciphers on Firefox 25. Exist some web app I need access that just allow SHA-2 ciphers.

I just install Firefox 25 and configure TLS min and max values to 3, then visit this site https://cc.dcsec.uni-hannover.de/ which report no SHA-2 ciphers. What I must do to enable SHA-2 ciphers on Firefox 25. Exist some web app I need access that just allow SHA-2 ciphers.

由gsc-frank于修改

所有回复 (3)

more options

New information: I tested on Ubuntu 13.10 using ppa:mozillateam/firefox-next to have Firefox using NSS 3.15.1 and result the same, no SHA256 ciphers was available.

由gsc-frank于修改

more options

Are you referring to the value that show in the MAC field or the key size that is specified?

I keep some 128 bit ciphers disabled and see this:

This connection uses TLSv1 with CAMELLIA256-SHA and a 256 Bit key for encryption.
Ciphers: ff,c00a,c014,c00f,c005,84,35,96,04,c008,c012,16,13,c00d,c003,feff,0a 
(c0,0a)
ECDHE-ECDSA-AES256-SHA
256 Bit
Key exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,14)
ECDHE-RSA-AES256-SHA
256 Bit
Key exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,0f)
ECDH-RSA-AES256-SHA
256 Bit
Key exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,05)
ECDH-ECDSA-AES256-SHA
256 Bit
Key exchange: ECDH, encryption: AES, MAC: SHA1.
(00,84)
RSA-CAMELLIA256-SHA
256 Bit
Key exchange: RSA, encryption: Camellia, MAC: SHA1.
(00,35)
RSA-AES256-SHA
256 Bit
Key exchange: RSA, encryption: AES, MAC: SHA1.
more options

Thanks for you reply cor-el

I'm referring to the MAC value. "openssl ciphers -v | grep TLSv1.2" will show no SHA1 in MAC, and that is a problem a think: a server that just support TLSv1.2 ciphers will not offer SHA1 for MAC and as Firefox not support SHA-2, will be unable to communicate with it. Last Google Chrome and Opera works fine again the server I tested.