Fungování této stránky je z důvodu údržby dočasně omezeno. Pokud žádný článek nápovědy nevyřeší váš problém a potřebujete se zeptat na další řešení, napište nám na Twitter @FirefoxSupport nebo Reddit /r/firefox.

Prohledat stránky podpory

Vyhněte se podvodům. Za účelem poskytnutí podpory vás nikdy nežádáme, abyste zavolali nebo poslali SMS na nějaké telefonní číslo nebo abyste sdělili své osobní údaje. Jakékoliv podezřelé chování nám prosím nahlaste pomocí odkazu „Nahlásit zneužití“.

Zjistit více

How to set cipher's order for SSL-TLS connections?

  • 10 odpovědí
  • 17 má tento problém
  • 2 zobrazení
  • Poslední odpověď od chaotux

more options

I want to set another cipher's order for SSL-TLS connections. How can I do it?

I want to set another cipher's order for SSL-TLS connections. How can I do it?

Všechny odpovědi (10)

more options

You can't do that.
The server sends a list of supported ciphers and Firefox processes this list.

You can only disable ciphers that you do not want to use and enable them in case you get an SSL error (no overlap)

Upravil uživatel cor-el dne

more options

>You can only disable ciphers that you do not want to use and enable them Thank you for answer. I found how to disable ciphers in about:config.

>The server sends a list of supported ciphers and Firefox processes this list. No. ClientHello goes first. That's why ciphers' order of client matter for server. First cipher suits are more preferred.

more options

Of course, Server can choose any what it wants according to it's preferences - for example perfomance. But not all servers, that's why the order may be significative.

cor-el, can you see Bad Firefox implementation of SSL/TLS (error: ssl_error_no_cypher_overlap, RC4 and 3DES are turned OFF)

more options
more options

See also these other two threads (now locked) created by the OP:

more options

What can I do as user with that source code? :)

TLS 1.2 is enabled. I have security.tls.version.max=3

more options
  1. Question#1
  2. Question#2

You must leave at least one question from those, because it's another question: Why in Firefox v25 (last release) there are no cipher suits with SHA-256?

I see many cipher suits on page source code with cipher suits

Why only some of them NOW in Firefox! Why others are absent! That's why I said "Firefox have bad implementation of SSL/TLS". Don't you agree? If so, please answer to my question.

Upravil uživatel rasj dne

more options

I'm not sure if that is the correct for Firefox.

These might be more accurate:

Do you have a link to a website that supports SHA256 cipher suites?

I'm not sure how Firefox would report those in the security tab in Tools > Page Info > Security.

more options

>These might be more accurate

These links are more correct. First were for Chromium. I see that there are SHA256 cipher suits but they are not present in the current release version of Firefox - v25. Why? :)

>Do you have a link to a website that supports SHA256 cipher suites?

Many and long ago.

Upravil uživatel rasj dne

more options

https://www.ssllabs.com/ssltest/viewMyClient.html

Gives you an example of its preferred Cipher Suits. I would like to arrange them from strongest to weakest.

The only browser that has them all in correct order OOB is SRWare Iron, but I am not saying i would recommend using it. [cross platform]

I would love to see firefox settings to rearrange or customize. I want it to remain my primary browser but unless I can change these I may end up switching.