Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

当サイトはユーザー体験を改善するためのメンテナンスを実施中に機能が制限される予定です。記事を読んでもあなたの問題が解決せず質問をしたい場合は、Twitter の @FirefoxSupport、Reddit の /r/firefox で、サポートコミュニティが皆さんを助けようと待機しています。

Mozilla サポートの検索

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

詳しく学ぶ

このスレッドはアーカイブに保管されました。 必要であれば新たに質問してください。

After refreshing Firefox Beta 39.0, the browser will not open a website that opens in a new tab.

  • 10 件の返信
  • 306 人がこの問題に困っています
  • 1 回表示
  • 最後の返信者: derek500

more options

"SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)

The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem."

The page used to load in a new tab before I selected to Refresh Firefox. I cannot find out how to allow Firefox to open webpages in a new tab when selected from the tab in use.

"SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key) The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem." The page used to load in a new tab before I selected to Refresh Firefox. I cannot find out how to allow Firefox to open webpages in a new tab when selected from the tab in use.

選ばれた解決策

hi, this means that the webserver you're trying to reach is vulnerable to the recently published logjam vulnerability: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ please report that to webmaster of the site in question to fix that issue...

この回答をすべて読む 👍 29

すべての返信 (10)

more options

選ばれた解決策

hi, this means that the webserver you're trying to reach is vulnerable to the recently published logjam vulnerability: http://arstechnica.com/security/2015/05/https-crippling-attack-threatens-tens-of-thousands-of-web-and-mail-servers/ please report that to webmaster of the site in question to fix that issue...

more options

Workaround for Firefox 39 and above:

1) In FireFox, enter "about:config" in the URL field and press enter. 2) Accept the "This might void your warranty!" warning :) 3) In the search field at the top, enter "security.ssl3.dhe_rsa_aes" 4) Double click each result (128 and 256) to toggle the Value to "false"

Now retry your site - it should work now. Remember to change these settings back when you're done.

more options

higherdestiny: lifesaver - thank you :)

more options

@higherdestiny: Your solution worked but are there any cons to it?

Thanks

more options

By re-enabling these DHE cipher suites you will make yourself vulnerable to the Logjam attack.

more options

Except any other way to do this about:config ? i mean in programmatically

more options

You can only do that via the about:config page, but enabling these two cipher suites is not recommended. You should contact the website and ask them to upgrade their security.

Logjam: How Diffie-Hellman Fails in Practice:


Users of Firefox releases 38 and older can disable these cipher suites and toggle these prefs to false via this extension:

more options

This is not always possible. In my case, the webpage is served by a legacy PCI raid card - I very much doubt the manufacturer will be doing any updates. My only option (if I want to carry on using Firefox!) is to drop the shields, inspect the raid status etc, then raise the shields again. I just hope there are no Klingons about!

Can anyone suggest any other solutions?

more options

Thanks for help!

この投稿は rubone により に変更されました

more options

Peter said

This is not always possible. In my case, the webpage is served by a legacy PCI raid card - I very much doubt the manufacturer will be doing any updates. My only option (if I want to carry on using Firefox!) is to drop the shields, inspect the raid status etc, then raise the shields again. I just hope there are no Klingons about! Can anyone suggest any other solutions?

I would like to hear other suggestions for this as well. I have a couple of internal sites. I used to be able to create an exception for _that_ specific site, without disabling all security, after accepting a number of warnings etc. Now I have to use a different browser.