This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

tls1.0

  • 3 replies
  • 3 have this problem
  • 1 view
  • Last reply by philipp

more options

hi,

since the upgrade to ff 39.0 some sites that support only tls1.0 do not show. This is EXTREMELY annoying (yes I know, security bla bla, contact owner of the site) but our users are not helped with this and it is not always possible to contact the owner of the site. As a workaround we tell our users to use another browser which is quite a shame. Are there any plans to support older tls versions again or at least provide a switch to enable it?

Thanks Obould

hi, since the upgrade to ff 39.0 some sites that support only tls1.0 do not show. This is EXTREMELY annoying (yes I know, security bla bla, contact owner of the site) but our users are not helped with this and it is not always possible to contact the owner of the site. As a workaround we tell our users to use another browser which is quite a shame. Are there any plans to support older tls versions again or at least provide a switch to enable it? Thanks Obould

Modified by OBOULD

Chosen solution

if you receive that error code when accessing a site, this means that the webserver you're trying to reach is vulnerable to the recently published logjam attack and therefore firefox won't connect: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ https://weakdh.org/

unfortunately this can only be fixed by changing the configuration on the affected web-server.

Read this answer in context 👍 0

All Replies (3)

more options

hi obould, tls 1.0 is still supported in firefox - see the "protocols" section of https://www.ssllabs.com/ssltest/viewMyClient.html

if you receive error messages it's probably because particularly insecure/broken cipher suites are used on a web server. in order to know what's going on and if there are workarounds it will probably be necessary to know the url of the websites in question or at least the error code that is shown on these sites...

more options

Hello,

this is the error I get:

An error occurred during a connection to .... SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)

   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem.

Modified by OBOULD

more options

Chosen Solution

if you receive that error code when accessing a site, this means that the webserver you're trying to reach is vulnerable to the recently published logjam attack and therefore firefox won't connect: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ https://weakdh.org/

unfortunately this can only be fixed by changing the configuration on the affected web-server.