Closed
Bug 1152990
Opened 10 years ago
Closed 9 years ago
psweb.ferrellgasathome.com is TLS 1.1/1.2 intolerant
Categories
(Web Compatibility :: Site Reports, defect)
Web Compatibility
Site Reports
Tracking
(firefox40 affected)
RESOLVED
WONTFIX
| Tracking | Status | |
|---|---|---|
| firefox40 | --- | affected |
People
(Reporter: kbrosnan, Unassigned)
References
()
Details
https://www.ssllabs.com/ssltest/analyze.html?d=psweb.ferrellgasathome.com TLS 1.0/RC4 server. Cert expires Fri Aug 25 16:59:59 PDT 2017
Collected from https://support.mozilla.org/en-US/questions/1056605
|
||
Comment 1•10 years ago
|
||
This server isn't actually RC4 only - it accepts additional cipher suites.
Note the various failures in the "Handshake Simulation" section of the SSL Labs report, as well as this line:
> TLS version intolerance TLS 1.1 TLS 1.2 TLS 1.3 TLS 1.98 TLS 2.98 PROBLEMATIC
This server needs to be updated, but in the mean time, these prefs (most preferred to least) can be set so connections are possible again:
security.tls.insecure_fallback_hosts = psweb.ferrellgasathome.com (a comma separated list of domains)
security.tls.version.fallback-limit = 1
security.tls.version.max = 1
Summary: psweb.ferrellgasathome.com is untrusted RC4 → psweb.ferrellgasathome.com is TLS 1.1/1.2 intolerant
|
|
||
Comment 2•10 years ago
|
||
Kevin, could you ask the person who is unable to access this site to point whoever runs ferrellgasathome.com at this bug? I don't think I have a SUMO account, and there's no obvious indication of who I can e-mail directly on the website.
Thanks!
Flags: needinfo?(kbrosnan)
|
Reporter | |
Comment 3•10 years ago
|
||
I don't think this user should be pointed at about:config.
Flags: needinfo?(kbrosnan)
|
|
Reporter | |
Comment 4•10 years ago
|
||
The site owner is http://www.ferrellgas.com/
|
|
||
Comment 5•10 years ago
|
||
(In reply to Kevin Brosnan [:kbrosnan] from comment #3)
> I don't think this user should be pointed at about:config.
Unfortunately, there is no way of connecting to the site without fiddling with prefs at the moment (or recommending ESR). The earliest this site will work by default is Firefox 38, when the static whitelist gets updated.
(In reply to Kevin Brosnan [:kbrosnan] from comment #4)
> The site owner is http://www.ferrellgas.com/
Thanks.
|
||
Comment 6•10 years ago
|
||
This seems to be Weblogic again. They should switch to the JSSE stack.
|
||
Comment 7•10 years ago
|
||
I can no longer connect psweb.ferrellgasathome.com, even with Chrome. SSL Labs also said "No secure protocols supported." I will not add this site to the whitelist if it keeps failing.
|
|
||
Comment 8•10 years ago
|
||
Probably after employees complained at work about it.
|
|
Reporter | |
Comment 9•10 years ago
|
||
The URL seems to provide access to the company's payroll service at minimum. This is according to the user in the support.mozilla.org thread referenced in comment 0.
|
|
||
Comment 10•10 years ago
|
||
Looks like the site is working again, still with the TLS intolerance problem.
|
|
||
Comment 11•10 years ago
|
||
The server is down once again.
|
|
||
Comment 12•9 years ago
|
||
I'll remove this server from the whitelist if it continues to fail.
|
|
||
Comment 13•9 years ago
|
||
Removed from the whitelist.
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → WONTFIX
|
Assignee | |
Updated•6 years ago
|
Product: Tech Evangelism → Web Compatibility
You need to log in
before you can comment on or make changes to this bug.
Description
•