On 10/26/2014 07:34 PM, Norbert Preining wrote:
> So What I got from cipherscan is the following:
>
> prio ciphersuite protocolspfs_keysize
> 1 RC4-SHA SSLv3
> 2 RC4-MD5 SSLv2,SSLv3
> 3 EDH-RSA-DES-CBC3-SHA SSLv3DH,1024bits
> 4 DE
Hi everyone,
thanks for the comments.
> Apparently there are various appropriate offline tools, try
> something from here:- ??
> https://github.com/ssllabs/research/wiki/Assessment-Tools
Done so, I used cipherscan
> [or, alternatively, arrange a temporary port-443 forward through
> to the serve
On 10/23/2014 10:30 PM, Norbert Preining wrote:
> On Fri, 24 Oct 2014, Mike Hommey wrote:
>> If it is, you can try to go to about:config, and change
>> security.tls.version.min to 0.
>
> Indeed, that made it work again thanks.
> Is it possible to have this only for *some* sites, I would pref
Hi Mike, hi all,
On Fri, 24 Oct 2014, Mike Hommey wrote:
> If it is, you can try to go to about:config, and change
> security.tls.version.min to 0.
Indeed, that made it work again thanks.
Is it possible to have this only for *some* sites, I would prefer
*not* to enable that globally.
So, t
On Fri, Oct 24, 2014 at 10:56:09AM +0900, Norbert Preining wrote:
> Hi Daniel,
>
> > It looks like this is a really old server, which can only support SSL
> > v3.0.
>
> That could well be ... unfortunately
>
> > what if you add the flag "-V ssl3:ssl3" to the tstclnt implementation?
>
> Looks b
Hi Daniel,
> It looks like this is a really old server, which can only support SSL
> v3.0.
That could well be ... unfortunately
> what if you add the flag "-V ssl3:ssl3" to the tstclnt implementation?
Looks better, finishes with
...
tstclnt: using asynchronous certificate validation
tstclnt:
Hi Norbert--
Norbert Preining wrote:
> An error occurred during a connection to MY.SERVER:PORT. SSL peer rejected a
> handshake message for unacceptable content. (Error code:
> ssl_error_illegal_parameter_alert)
[...]
> ii libnss3 2:3.17.2-1
[...]
> Hi Sylvestre,
>
>> > * tr
The latest Iceweasel security update disables SSL3 based on a
well-publicised vulnerability:
https://www.debian.org/security/2014/dsa-3050
This breaks a number of sites that only have SSL available for
encryption. I would personally have preferred a warning, but this is
really a problem with the s
On 20/10/2014 06:33, Norbert Preining wrote:
> Package: iceweasel
> Version: 31.2.0esr-2
> Severity: important
[...]
> * tried upstream original firefox: worked out of the box
Same version?
> * tried chromium (Debian): worked out of the box
>
> That means that something in the SSL handling in Debia
Hi Sylvestre,
> > * tried upstream original firefox: worked out of the box
> Same version?
I tried both, 33.0 and 31.2.0esr, in both cases it works with
original Firefox without any problems.
> Or that the SSL certificat of the server is broken.
It worked two or three weeks ago on the same comp
Package: iceweasel
Version: 31.2.0esr-2
Severity: important
Hi all,
I get the following error when connecting to the universities
internal web server:
--
Secure Connection Failed
An error occurred during a connection to MY.SERVER:PORT. SSL peer rejected a
handshake message for unacceptable
11 matches
Mail list logo
