Closed Bug 1152990 Opened 5 years ago Closed 5 years ago
.ferrellgasathome .com is TLS 1 .1/1 .2 intolerant
https://www.ssllabs.com/ssltest/analyze.html?d=psweb.ferrellgasathome.com TLS 1.0/RC4 server. Cert expires Fri Aug 25 16:59:59 PDT 2017 Collected from https://support.mozilla.org/en-US/questions/1056605
This server isn't actually RC4 only - it accepts additional cipher suites. Note the various failures in the "Handshake Simulation" section of the SSL Labs report, as well as this line: > TLS version intolerance TLS 1.1 TLS 1.2 TLS 1.3 TLS 1.98 TLS 2.98 PROBLEMATIC This server needs to be updated, but in the mean time, these prefs (most preferred to least) can be set so connections are possible again: security.tls.insecure_fallback_hosts = psweb.ferrellgasathome.com (a comma separated list of domains) security.tls.version.fallback-limit = 1 security.tls.version.max = 1
Kevin, could you ask the person who is unable to access this site to point whoever runs ferrellgasathome.com at this bug? I don't think I have a SUMO account, and there's no obvious indication of who I can e-mail directly on the website. Thanks!
I don't think this user should be pointed at about:config.
The site owner is http://www.ferrellgas.com/
(In reply to Kevin Brosnan [:kbrosnan] from comment #3) > I don't think this user should be pointed at about:config. Unfortunately, there is no way of connecting to the site without fiddling with prefs at the moment (or recommending ESR). The earliest this site will work by default is Firefox 38, when the static whitelist gets updated. (In reply to Kevin Brosnan [:kbrosnan] from comment #4) > The site owner is http://www.ferrellgas.com/ Thanks.
This seems to be Weblogic again. They should switch to the JSSE stack.
I can no longer connect psweb.ferrellgasathome.com, even with Chrome. SSL Labs also said "No secure protocols supported." I will not add this site to the whitelist if it keeps failing.
Probably after employees complained at work about it.
The URL seems to provide access to the company's payroll service at minimum. This is according to the user in the support.mozilla.org thread referenced in comment 0.
Looks like the site is working again, still with the TLS intolerance problem.
The server is down once again.
I'll remove this server from the whitelist if it continues to fail.
Removed from the whitelist.
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → WONTFIX
Product: Tech Evangelism → Web Compatibility
You need to log in before you can comment on or make changes to this bug.