Hi Phil, Sorry to redirect again, but this mailing list probably isn't the right place either (it's mainly about certificates, not TLS). The best thing to do is probably to file a bug on this. That will get the attention of the folks who can diagnose and fix this issue.
https://bugzilla.mozilla.org/enter_bug.cgi?product=NSS&component=Libraries Thanks, --Richard On Tue, Feb 21, 2017 at 7:04 AM, Phil Raptor via dev-security-policy < [email protected]> wrote: > Hello Experts, > We have a server that supports TLS1.0/1.1/1.2 and restricts SSL. FF 52 > beta's tls config is min=1 and max=4 by default. Upon trying to access our > server with FF 52, we are getting the below error - > > Secure Connection Failed > > The connection to xx.xx.xx.xx was interrupted while the page was loading. > > The page you are trying to view cannot be shown because the > authenticity of the received data could not be verified. > Please contact the website owners to inform them of this problem. > > Packet captures show Client Hello to be carrying SSL record layer instead > of TLS record layer. This happens if the max value is set as 3 or 4. For > other values, Client Hello is properly sent. > With FF 51.0.1, everything worked just fine. > > So, we would like to know- > Why is FF 52 sending SSL record layer when it is configured to send TLS > record layer? > As this is beta version, would you recommend using this version and the > final version will have a proper implementation? > > I have also raised a case in the common Mozilla forum and was advised to > touch base here - https://support.mozilla.org/t5/Firefox/How-does-FF- > determine-what-SSL-protocol-to-use-in-Client-Hello/m-p/ > 1365371/highlight/false#M1034432 > > Kindly advise! > _______________________________________________ > dev-security-policy mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
