In Firefox 38.5, how do I ensure it will only use tls 1.2 and not fallback to lower versions or ssl?
I'm using Firefox 38.5 on CentOS 5.6. My current settings in about:config are as follows: security.tls.version.fallback-limit = 3 security.tls.version.max = 3 security.tls.version.min = 1
Are these settings already correct to only allow tls 1.2 or do I need to change the min value to 3 as well?
Wubrane rozwězanje
You would have to set security.tls.version.min = 3 if you really only want to enable TLS 1.2 Note that this will break servers that do not support TLS 1.2
0 means SSL 3.0, 1 means TLS 1.0, 2 means TLS 1.1, 3 means TLS 1.2 etc.
- Browser test: https://www.ssllabs.com/ssltest/viewMyClient.html
- SSleuth: https://addons.mozilla.org/firefox/addon/ssleuth/
Wšykne wótegrona (2)
Wubrane rozwězanje
You would have to set security.tls.version.min = 3 if you really only want to enable TLS 1.2 Note that this will break servers that do not support TLS 1.2
0 means SSL 3.0, 1 means TLS 1.0, 2 means TLS 1.1, 3 means TLS 1.2 etc.
Wót cor-el změnjony
Thanks - excellent answer.