We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Vanwege onderhoudswerkzaamheden die uw ervaring zouden moeten verbeteren, heeft deze website beperkte functionaliteit. Als een artikel uw probleem niet verhelpt en u een vraag wilt stellen, kan onze ondersteuningsgemeenschap u helpen in @FirefoxSupport op Twitter en /r/firefox op Reddit.

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Meer info

Deze conversatie is gesloten en gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

ssl_error_bad_mac_read error on credit card payment

  • 4 antwoorden
  • 30 hebben dit probleem
  • 1 weergave
  • Laatste antwoord van manjit2970

more options

I'm trying to process a credit card payment for Norwegian Airlines. When taking me to the Verified by Visa page on my credit card account ( https://www.vpv.scddesjardins.com/ ) I get the secured connection failed page: "An error occurred during a connection to www.vpv.scddesjardins.com. SSL received a record with an incorrect Message Authentication Code. (Error code: ssl_error_bad_mac_read) " Their server seems to be still running SSL 3.0 and some other terrible things, but on another website I had this issue I got a different error message. Should I be contacting my credit card company, and if so what should I be asking them to do? I can't give a public page, obviously, and though I tried to test it on Chrome, they're charging me 7 EUR more for the flight on Chrome than Firefox (just another reason to use FF!).

I'm trying to process a credit card payment for Norwegian Airlines. When taking me to the Verified by Visa page on my credit card account ( https://www.vpv.scddesjardins.com/ ) I get the secured connection failed page: "An error occurred during a connection to www.vpv.scddesjardins.com. SSL received a record with an incorrect Message Authentication Code. (Error code: ssl_error_bad_mac_read) " Their server seems to be still running SSL 3.0 and some other terrible things, but on another website I had this issue I got a different error message. Should I be contacting my credit card company, and if so what should I be asking them to do? I can't give a public page, obviously, and though I tried to test it on Chrome, they're charging me 7 EUR more for the flight on Chrome than Firefox (just another reason to use FF!).

Gekozen oplossing

Or maybe...

When I test that site in Chrome, it says the site uses TLS 1.0, an older version of the SSL standard that Firefox 37 no longer treats as secure. This is a change from Firefox 36.

You can make a site-specific exception for the problem server so Firefox allows TLS 1.0:

Here's how:

(1) Copy the host name of the server address. This is the part between the https:// protocol and the next / character, and not including either of those. In this case: www.vpv.scddesjardins.com

(2) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.

(3) In the search box above the list, type or paste tls and pause while the list is filtered

(4) Double-click the security.tls.insecure_fallback_hosts preference to display a box where you can paste the copied host name. If you have something here already, add a comma at the end before pasting to separate the new host name from the previous name(s). Then click OK to save the change.

When you reload that site, Firefox 37 should display the site (of course, I can't test without the full URL).

Dit antwoord in context lezen 👍 19

Alle antwoorden (4)

more options

The error code ssl_error_bad_mac_read is somewhat rare on this forum. Past solutions may have included (sometimes it's hard to tell which suggestion helped):

  • Disabling Firefox from using IPv6 (see that topic in: Firefox can't load websites but other browsers can)
  • Checking for a proxy setting in the Options dialog: "3-bar" menu button (or Tools menu) > Options > Advanced > Network mini-tab > "Settings" button -- try "No Proxy"
  • Fixing a flaky internet connection
  • Removing some extensions (e.g., MaskMe and an old version of DoNotTrackMe)
  • Bypassing the filtering software NetNanny
more options

Gekozen oplossing

Or maybe...

When I test that site in Chrome, it says the site uses TLS 1.0, an older version of the SSL standard that Firefox 37 no longer treats as secure. This is a change from Firefox 36.

You can make a site-specific exception for the problem server so Firefox allows TLS 1.0:

Here's how:

(1) Copy the host name of the server address. This is the part between the https:// protocol and the next / character, and not including either of those. In this case: www.vpv.scddesjardins.com

(2) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.

(3) In the search box above the list, type or paste tls and pause while the list is filtered

(4) Double-click the security.tls.insecure_fallback_hosts preference to display a box where you can paste the copied host name. If you have something here already, add a comma at the end before pasting to separate the new host name from the previous name(s). Then click OK to save the change.

When you reload that site, Firefox 37 should display the site (of course, I can't test without the full URL).

more options

Thanks. I should say that while this workaround worked, I still yelled at the server owners for their woefully out of date and insecure server. If anyone sees this, they should not just apply the workaround and continue using insecure connections as if nothing happened, but get the administrator to update their technology by a decade or two.

more options

at security.tls.insecure_fallback_hosts preferences I added www.onlinesbi.com, made it OK, started again firefox and checked but the the error is same i.e

"An error occurred during a connection to www.onlinesbi.com. SSL received a record with an incorrect Message Authentication Code. (Error code: ssl_error_bad_mac_read)
   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
   Please contact the website owners to inform them of this problem."