This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Èròjà atẹ̀lélànà yii ni a ti fi pamọ́ fọ́jọ́ pípẹ́. Jọ̀wọ́ béèrè ìbéèrè titun bí o bá nílò ìrànwọ́.

Cannot access SSL website when corporate proxy use man-in-the-middle attack to analyze SSL traffic

  • 2 àwọn èsì
  • 2 ní àwọn ìṣòro yìí
  • 17 views
  • Èsì tí ó kẹ́hìn lọ́wọ́ Alberto's Firefox

more options

Our company uses a proxy which analyzes SSL traffic on some web sites. This is done via man-in-the-middle attack. The proxy generates a new certificate on the fly that it sends to the client, impersonating a secure server. After upgrading on Firefox 10.0 I always get error: HTTP Error Status: 400 Bad Request after confirmation of security exception.

Our company uses a proxy which analyzes SSL traffic on some web sites. This is done via man-in-the-middle attack. The proxy generates a new certificate on the fly that it sends to the client, impersonating a secure server. After upgrading on Firefox 10.0 I always get error: HTTP Error Status: 400 Bad Request after confirmation of security exception.

Ọ̀nà àbáyọ tí a yàn

Maybe this is related to bug fixes of the BEAST (Browser Exploit Against SSL/TLS) attack

  • bug 702111 - Servers intolerant to 1/n-1 record splitting. "The connection was reset" (see also comment 60)
Ka ìdáhùn ni ìṣètò kíkà 👍 0

All Replies (2)

more options

Ọ̀nà àbáyọ Tí a Yàn

Maybe this is related to bug fixes of the BEAST (Browser Exploit Against SSL/TLS) attack

  • bug 702111 - Servers intolerant to 1/n-1 record splitting. "The connection was reset" (see also comment 60)
more options

This does not appear to be the same problem. In bug 702111 the page https://store.toto-dream.com/toto/member/ToHPLogin.do could not be opened. I can open this page without problem and the form is shown. The problem I have seems to be related to proxy which analyze SSL traffic generating a certificate on the fly. Usually in these case Firefox gives a security warning. Before version 10.0 I was able to continue and open the page but now after accepting I got the error: "HTTP Error Status: 400 Bad Request"