Since the diginotar issue it seems we are being protected from all self-signed certificates. This works terribly with firmware that has an interface based on https.
I started getting "errors" back when FF3 first came out - I could resolve the issues by going to about: config and setting security.ssl3.rsa_rc2_40_md5;true.
However, this no longer works.
Next I went back to an older version of Firefox (3.6.17) and it worked for awhile. A company update updated FF to 3.6.22 and now I cannot connect to the firmware, so I cannot turn devices on/off/etc.
This is ALSO a security breach - no availability.
I do not know who thought that disabling all self-signed certificates was going to improve security. It is a bad call.
Question: how to setup FF so that it will accept https, 40-bit SSL again?
p.s. I have also tried turning on all SSL2 settings.
p.p.s. I think a new error message, specifically for self-signed certificates, would be an improvement - as this message is being used for too many issues with different origins/causes.
Thx.
Error code: ssl_error_no_cypher_overlap w/ self-signed https
-
- Posts: 4
- Joined: October 14th, 2011, 4:40 am
Re: Error code: ssl_error_no_cypher_overlap w/ self-signed h
p.s. updating firmware of the device is not possible - it is too old. And even if new firmware might solve it, how would the firmware be installed when all connectivity is refused.
M
M
-
- Posts: 4
- Joined: October 14th, 2011, 4:40 am
Re: Error code: ssl_error_no_cypher_overlap w/ self-signed h
found it: too many reinstalls lately: needed to be rc4 rather than rc2.
My error
security.ssl3.rsa_rc4_40_md5;true. reopen connections using OLD versions. Once the newest version is installed, connections are refused.
My error
security.ssl3.rsa_rc4_40_md5;true. reopen connections using OLD versions. Once the newest version is installed, connections are refused.
-
- Posts: 4
- Joined: October 14th, 2011, 4:40 am
Re: Error code: ssl_error_no_cypher_overlap w/ self-signed h
This issue is back again, and with a vengeance.
New (fresh) installs do not even include any of security.ssl3.rsa_rc4_40* in the about:config screens.
In updated installs, I see the variable, but it has no effect.
Looks like I may need to switch from FF to something else - after all these years.
New (fresh) installs do not even include any of security.ssl3.rsa_rc4_40* in the about:config screens.
In updated installs, I see the variable, but it has no effect.
Looks like I may need to switch from FF to something else - after all these years.