On 10/17/2014 12:33 PM, A Williams wrote: > EE wrote: >> Gabriel wrote: >>> I'm really upset! >>> I had this problem with the latest update of FF to v. 33.0 and now the >>> same is with SM 2.30 OSX (Snow Leopard). >>> >>> I cannot connect to my local Webmin on "https://localhost:nnn/"; (the >>> same with the local name or 127.0.0.1 IP, 'nnn' is the port number) >>> because of the error "An error occurred during a connection to >>> 127.0.0.1:nnn. The key does not support the requested operation. (Error >>> code: sec_error_invalid_key)". >>> The local certificate is already in the exception list. >>> Webmin is the latest version 1.710 and all the component are up to date >>> (such as openSSL) >>> >>> SM build: >>> User agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:33.0) >>> Gecko/20100101 Firefox/33.0 SeaMonkey/2.30 >>> Build identifier: 20141014004953 >>> >>> Does anyone know how to force SM or FF to connect or how to fix the >>> problem? >>> >>> Thank you! >>> >>> Gabriel >> >> Why do you need a secure connection to the localhost? It is your own >> computer. >> > > You know Google reported a hole in SSL at the start of the week? It was > around the time the latest Firefox came out and they were planning to > disable SSL support with the next level in mid November. > I don't have the newest Seamonkey yet (it has not propagated to my Linux > distribution yet) but Apple *may* possibly have taken this step already. > Firefox disabled configuration except by about:config last year but > Seamonkey did not. > > Preferences -> Privacy & Security -> SSL -> SSL Protocol Versions. > Is SSL 3.0 enabled? > btw: > - the checked boxes have to be contiguous. > - SSL 3.0 < TLS 1.0. > > Google will tell you how to do this for Firefox. It was non-intuitive > to me. > > The hole in SSL was large enough to make disabling it a sensible idea. > My preference would be towards leaving it off rather than keeping it for > localhost. >
It is a good idea when mentioning security issues like this to 'cite' some references. Here are a few: <http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html> <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566> <https://bugzilla.mozilla.org/show_bug.cgi?id=1076983> <http://threatpost.com/browser-vendors-move-to-disable-sslv3-in-wake-of-poodle-attack/108852> <https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/> _______________________________________________ support-seamonkey mailing list [email protected] https://lists.mozilla.org/listinfo/support-seamonkey
