Closed Bug 360008 Opened 18 years ago Closed 18 years ago

FF 2.0 does not offer SSL 2.0 support which much existing infrastructure requires

Categories

(Firefox :: Security, defect)

x86
Linux
defect
Not set
major

Tracking

()

RESOLVED INVALID

People

(Reporter: chrise, Unassigned)

References

()

Details

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0 FF 2.0 for Linux no longer offers SSL 2.0 support. Only 3.0 and TLS 1.0 are supported. Much existing web infrastructure still uses and requires SSL 2.0 so we are unable to access these services using FF 2.0. Recommended solutions such as found here: http://ffextensionguru.wordpress.com/2006/10/24/firefox-20-ssl-2-tweak/ do not work as SSL 2.0 still does not enable. Reproducible: Always Steps to Reproduce: 1. access any site that only supports SSL 2.0 2. 3. Actual Results: Firefox issues a dialog box saying it cannot connect to the site because an unsupported security protocol is required. Expected Results: It should have connected in https mode using SSL 2.0 protocol It is perhaps premature to disable SSL 2.0 support since many server infrastructures are not yet upgraded to SSL 3.0 or are even capable of that upgrade. Is it possible to deploy a scheme that will use 3.0 if the server supports it but seemlessly fall back to 2.0 if 3.0 is unavailable?
This is by design, see bug 236933
Status: UNCONFIRMED → RESOLVED
Closed: 18 years ago
Resolution: --- → INVALID
This also applies to FF2.x for Windows. Same issue in that SSL 2.0 support has been removed. I use browser based apps (HP WebJet Admin) that require SSL 2.0, so I guess I am now forced to either go back to FF 1.5x, or, heaven forbid, use IE!
You need to log in before you can comment on or make changes to this bug.