Funkcionalnosć toś togo sedła se pśez wótwardowańske źěła wobgranicujo, kótarež maju wašo dožywjenje pólěpšyś. Jolic nastawk waš problem njerozwězujo a cośo pšašanje stajiś, wobrośćo se na našo zgromoźeństwo pomocy, kótarež na to caka, wam na @FirefoxSupport na Twitter a /r/firefox na Reddit pomagaś.

Pomoc pśepytaś

Glědajśo se wobšudy pomocy. Njenapominajomy was nigda, telefonowy numer zawołaś, SMS pósłaś abo wósobinske informacije pśeraźiś. Pšosym dajśo suspektnu aktiwitu z pomocu nastajenja „Znjewužywanje k wěsći daś“ k wěsći.

Dalšne informacije

site not shown as secure in Firefox only

  • 6 wótegrona
  • 2 matej toś ten problem
  • 1 naglěd
  • Slědne wótegrono wót christ1

more options

Hi -- I'm completely baffled. Our site shows as secure in IE and Chrome but not in Firefox.

I've run all the standard checks: whynopadlock, http://www.networking4all.com/en/support/tools/site+check/, https://www.sslshopper.com/ssl-checker.html

Nothing shows up except for SSLv3, which I've asked my host to disable, but I've seen other websites with SSLv3 support that are marked as secure (https://www.whynopadlock.com/check.php). So, that shouldn't be the issue.

Any ideas at all?

Thanks, Josh

Hi -- I'm completely baffled. Our site shows as secure in IE and Chrome but not in Firefox. I've run all the standard checks: whynopadlock, http://www.networking4all.com/en/support/tools/site+check/, https://www.sslshopper.com/ssl-checker.html Nothing shows up except for SSLv3, which I've asked my host to disable, but I've seen other websites with SSLv3 support that are marked as secure (https://www.whynopadlock.com/check.php). So, that shouldn't be the issue. Any ideas at all? Thanks, Josh

Wšykne wótegrona (6)

more options

hi josh, if this happened after the update to firefox 36, then it's most likely your site only offers weak encryption making use of the RC4 cipher suite which is considered broken and no longer trustworthy now. according to this recent proposal browsers have to stop supporting RC4: https://tools.ietf.org/html/rfc7465 https://developer.mozilla.org/en-US/Firefox/Releases/36/Site_Compatibility#Security

starting with firefox 38, the browser will show the error message and block access to affected sites...

more options

Thanks for the fast response! I had no idea about that, and I do see that the site uses RC4.

I'll contact Bluehost right away and see what they can do about this.

And I just noticed I forgot to post our domain in the original question. Probably doesn't matter now, but it's https://motorthrust.com.

Fingers crossed Bluehost can help.

Thanks again! Josh

more options

This should give you all the information you need. https://www.ssllabs.com/ssltest/analyze.html?d=motorthrust.com

I've run all the standard checks: http://www.networking4all.com/en/support/tools/site+check/

The above site returns: - Encryption strength is at least 2048-bit

This is a pretty silly statement, the 2048 bit key is used for authentication, not for encryption.

- Accepting only high encryption cipher suites

This is as silly as the above. I have no idea what 'high encryption cipher suites' are.

more options

Thanks for the additional feedback. I forgot to mention that I had also used SSL labs; although, it doesn't specifically say why a browser won't show a padlock. Tons of awesome info, though.

Unfortunately, the fate of this is in Bluehost's hands, which is rarely a good thing...

more options

You can also look at this extension:

more options
it doesn't specifically say why a browser won't show a padlock.

TLS is more than the browser just showing a padlock. https://support.mozilla.org/en-US/kb/how-do-i-tell-if-my-connection-is-secure