Closed Bug 1243532 Opened 9 years ago Closed 9 years ago

SHA1 Certificates not Negotiating in Firefox V44

Categories

(Firefox :: Untriaged, defect)

Product:
Firefox
Component:
Untriaged
Version:
44 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1029179

People

(Reporter: pdawson, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36 Steps to reproduce: When attempting to access one of our sites (https://www.brainshark.com/brainsharkinc), the site would throw a "Your Connection is not secure" error and would not allow firefox to connect. The EV cert (stored on our load balancer) was signed with SHA1, and the supported cipher suites were supposed to force highest available, and both IE and Chrome would autonegotiate up to SHA256 or use GCM. We had to specifically re-allow TLS1_RSA_AES_128_SHA and TLS1_RSA_AES_256_SHA to our load balancer in order to get firefox to work with it. Actual results: Would refuse connection to website with "Your connection is not secure, the website is not configured correctly, please contact the website owners to fix" Expected results: Cert Autonegotiate higher than SHA1 and load website
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → DUPLICATE
pdawson: Please see https://www.ssllabs.com/ssltest/analyze.html?d=https%3A%2F%2Fwww.brainshark.com and enable TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 if your load balancer supports it. If your load balancer doesn't support it, please share which load balancer it is. Thanks!
You need to log in before you can comment on or make changes to this bug.