This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Firefox 48.0.2 NS_ERROR_NET_INADEQUATE_SECURITY with HTTP2

Alex5648648
Alex5648648
more options

Hi, since enabling HTTP2 on our server I'm getting the following error message when opening the http address, which 301 redirects to https :

Your connection is not secure

The website tried to negotiate an inadequate level of security.

biobanking.org uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal information which you thought to be safe. The website administrator will need to fix the server first before you can visit the site.

Error code: NS_ERROR_NET_INADEQUATE_SECURITY

Server: Apache/2.4.23 (Win64) OpenSSL/1.0.2h PHP/7.0.8

SSL Config: SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4 SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4 SSLHonorCipherOrder on SSLProtocol all -SSLv3 SSLProxyProtocol all -SSLv3 SSLPassPhraseDialog builtin SSLSessionCacheTimeout 300

In VirtualHost config: - Protocols h2 http/1.1

When I refresh the https address it shows me the same message once, after the next refresh the site is showing up correctly.

Hope you can look into it

Hi, since enabling HTTP2 on our server I'm getting the following error message when opening the http address, which 301 redirects to https : ----------------------------------------------------------------- Your connection is not secure The website tried to negotiate an inadequate level of security. biobanking.org uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal information which you thought to be safe. The website administrator will need to fix the server first before you can visit the site. Error code: NS_ERROR_NET_INADEQUATE_SECURITY ----------------------------------------------------------------- Server: Apache/2.4.23 (Win64) OpenSSL/1.0.2h PHP/7.0.8 SSL Config: SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4 SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4 SSLHonorCipherOrder on SSLProtocol all -SSLv3 SSLProxyProtocol all -SSLv3 SSLPassPhraseDialog builtin SSLSessionCacheTimeout 300 In VirtualHost config: - Protocols h2 http/1.1 When I refresh the https address it shows me the same message once, after the next refresh the site is showing up correctly. Hope you can look into it

Chosen solution

Oops, should've read the documentation better. Apparently I didn't choose the right SSLCipherSuite. I went with the one listed here: https://icing.github.io/mod_h2/howto.html to solve my problem

Read this answer in context 👍 2

All Replies (1)

Alex5648648
Alex5648648 Question owner
more options

Chosen Solution

Oops, should've read the documentation better. Apparently I didn't choose the right SSLCipherSuite. I went with the one listed here: https://icing.github.io/mod_h2/howto.html to solve my problem