Re: [CentOS] Wich web browser on CentOS6 ?

Fri, 10 Feb 2017 05:07:21 -0800 

Tru Huynh wrote:

On Fri, Feb 10, 2017 at 12:26:14PM +0100, Patrick Begou wrote:

Hello

I have more and more troubles using firefox in professional
environment with CentOS6. The latest version is 45.7.0 But I can't
use it anymore to access some old server hardware (IDRAC7 of DELL
C6100) because of "/SSL_ERROR_WEAK_SERVER_CERT_KEY/".  I had to
install an old Firefox32 version to administrate these servers.


Can you try: (in Firefox's about:config):
possible workaround for SSL_ERROR_WEAK_SERVER_CERT_KEY
     security.ssl3.dhe_rsa_aes_128_sha
     security.ssl3.dhe_rsa_aes_256_sha

These are yet set to true.



Today I upgrade the firmware of 2 DELL switch and now Firefox cannot
connect to them anymore saying:
/An error occurred during a connection to xxx.xxx.xxx.xxx. The
server rejected the handshake because the client downgraded to a
lower TLS version than the server supports//
//SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT

possible workaround for SSL_ERROR_INAPPROPRIATE_FALLBACK_ALERT
     security.tls.version.max 3 -> 1

You might want to revert for safer browsing, after.
With this setting I get SSL_ERROR_NO_CYPHER_OVERLAP and I cannot connect to the switch. Of course I can re-activate the old firmware version of the switch, but it has a bug I would like to solve too.....
I know that to remains compatible with old config could have security problems but all of these devices use dedicated ports (IDRAC, Out of band port management) on a private network which could be easily isolated. The idea is to have a browser dedicated to this administration (instead of several versions/profiles) 
/Is there a CentOS6 recommended web browser allowing continuous
connections to olds and new base level (and local) system
administration services ?

maybe different profiles with differents security setup?

Cheers

Tru


_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
Thanks all for your suggestion to find a solution or detailing your local work around.... 

Patrick

--
===================================================================
|  Equipe M.O.S.T.         |                                      |
|  Patrick BEGOU           | mailto:patrick.be...@grenoble-inp.fr |
|  LEGI                    |                                      |
|  BP 53 X                 | Tel 04 76 82 51 35                   |
|  38041 GRENOBLE CEDEX    | Fax 04 76 82 52 71                   |
===================================================================

_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Reply via email to