On Wed, Jul 2, 2014 at 11:46 AM, Joel Sing <[email protected]> wrote: > On Thu, 3 Jul 2014, Ez Egy wrote: > > Since these two are using GCM: > > > > www.ssllabs.com: ECDHE-RSA-AES256-GCM-SHA384 > > www.google.com: ECDHE-RSA-AES128-GCM-SHA256 > > > > We wanted to make our webserver HTTPS connection more secure (don't look > at > > the self-signed certificate, that doesn't count right now..) > > > > We are using an OpenBSD 5.4 64bit, and the "openssl ciphers" command says > > that it supports the "ECDHE-RSA-AES256-GCM-SHA384" cipher. On client side > > there is Firefox 30 at least. >
Does firefox 30, which uses nss and *NOT* openssl, support that cipher suite? When I go to www.ssllabs.com in firefox, it only shows "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", and it's not listed in the about:config page in firefox. Do you see it in about:config in your firefox? Is it enabled there? ... > > But Firefox says (I translated it from my language..): > > > > A connection to the www.foo.com is interrupted > Error message fail. Interrupted by *what*? There isn't a "more information" button or similar with more information about the (handshake?) failure? Philip Guenther
