This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Lolu chungechunge lwabekwa kunqolobane. Uyacelwa ubuze umbuzo omusha uma udinga usizo.

Firefox is sending disabled list of ciphers too in client hello ( ssl handshake)

  • 1 baphendule
  • 3 zinale nkinga
  • 13 views
  • Igcine ukuphendulwa ngu cor-el

Tanuj
Tanuj
more options

under C:\Program Files\Mozilla Firefox\defaults\pref\ this folder , i have created a security-perfs.js file which has got the information about the disabled and enabled list of ciphers and ssl version.

In this file , i have made only one cipher enabled .. rest all the cipher are false. So during the SSL handshake i should see only one cipher being sent in the client hello request ( by firefox )... But i could see a big list of cipher is being sent by the client ( firefox ) in client hello request.

BTW: in about:config .. i could see only one cipher is enabled rest are disabled. so the changes are getting reflected in the firefox using security-perfs.js file.

I am using windows XP.

so can some one help me here.

Thanks + Tanuj

under C:\Program Files\Mozilla Firefox\defaults\pref\ this folder , i have created a security-perfs.js file which has got the information about the disabled and enabled list of ciphers and ssl version. In this file , i have made only one cipher enabled .. rest all the cipher are false. So during the SSL handshake i should see only one cipher being sent in the client hello request ( by firefox )... But i could see a big list of cipher is being sent by the client ( firefox ) in client hello request. BTW: in about:config .. i could see only one cipher is enabled rest are disabled. so the changes are getting reflected in the firefox using security-perfs.js file. I am using windows XP. so can some one help me here. Thanks + Tanuj

Okulungisiwe ngu Tanuj

All Replies (1)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

Files in that folder are used to initialize a new profile and doesn't have otherwise any effect.

You can use a mozilla.cfg file in the Firefox program folder to lock prefs or specify new (default) values.

Place a file local-settings.js in the defaults\pref folder where you also find the file channel-prefs.js to specify using mozilla.cfg. 

pref("general.config.filename", "mozilla.cfg");
pref("general.config.obscure_value", 0); // use this to disable the byte-shift

See:

You can use these functions in mozilla.cfg: 

defaultPref();  // set new default value
pref();         // set pref, but allow changes in current session
lockPref();     // lock pref, disallow changes