This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

(Error code: ssl_error_renegotiation_not_allowed) how do I fix this for my bank?

more options

I try to log onto my bank with the new Fox fire and I continually get this error. I have looked through your list and can find no way to fix this. I have tried to go back and download Fox Fire 3.6 but can't find it. It worked with the last fox fire, but not the new. I really like the look of the new, but if I can't access my bank information it is hard for me to use foxfire.

I try to log onto my bank with the new Fox fire and I continually get this error. I have looked through your list and can find no way to fix this. I have tried to go back and download Fox Fire 3.6 but can't find it. It worked with the last fox fire, but not the new. I really like the look of the new, but if I can't access my bank information it is hard for me to use foxfire.

All Replies (4)

more options
more options

Para habilitar la renegociación SSL se necesita modificar un parámetro del navegador. Escribiendo en la barra de direcciones about:config y tras confirmar que sabemos lo que queremos hacer... buscamos la siguiente directiva:

security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref

Y modificamos su valor por defecto a TRUE

Después de esto ya se podrá acceder al sitio web que daba el error.

more options

@wrojas:

Setting the following config entry to "true" is not recommended:

     security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref

RFC 5746: "It's not desirable to set this to true, as it completely disables the new protection mechanisms. ...It's highly recommended to leave this at the default value "false", and instead populate preference:

    security.ssl.renego_unrestricted_hosts 

with a list of hosts that require the exception."
http://tools.ietf.org/html/rfc5746

For users whose banks have not yet implemented better security, send the bank a copy of the RFC and tell them to get their act together. Or bank somewhere else.

more options

It worked perfect for me.