User.js: SSL_ERROR_UNSAFE_NEGOTIATION [solved: security.ssl.require_safe_negotiation]
Was wondering which pref could be causing this error. Site seems to work on a stock firefox.
"An error occurred during a connection to X. Peer attempted old style (potentially vulnerable) handshake.
Error code: SSL_ERROR_UNSAFE_NEGOTIATION
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem."
Thanks.
zdat
All 5 comments
Probably this one right here:
user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
If not that one, then try this one:
user_pref("security.ssl.require_safe_negotiation", true);
They are both set to false on stock Firefox.
geeknik
on 14 Feb 2020
Thanks. The second one did it (1201). First one (1270) displays the warning on the padlock for sites that would normally be blocked by 1201.
zdat
on 14 Feb 2020
1270is about displaying a visual clue in the urlbar: it is not 100% reliable (e.g. subresources), but there is no harm in leaving it active in the user.js as true1201is the one that can break some sites: and it should be rare (everyone will get different mileage)
Thorin-Oakenpants
on 15 Feb 2020
1201is the one that can break some sites: and it should be rare
I just got the SSL error after clicking an eBay link (something like https://svcs.ebay.com/delstats/clk/rtm?url=https%3A%2F%2Fwww.ebay.com.....) and had to disable 1201. Weird.
bryce-lynch
on 4 Aug 2020
1201 breaks tools.cisco.com as well, they are aware of it, probably won't fix it as they can't understand why anyone would flip this pref on. 馃ぃ
geeknik
on 4 Aug 2020
Related issues
crssi
路
3Comments
Thorin-Oakenpants
路
5Comments
kaliostro2
路
7Comments
Thorin-Oakenpants
路
5Comments
TerkiKerel
路
4Comments