We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Rohkem teavet

Why "Firefox recommends that you don't enter ...information on this web" what is wrong on SHA256 site cert and how to get rid of the notice

  • 1 vastus
  • 1 on selline probleem
  • 6 views
  • Viimati vastas philipp

more options

FF started warn me on some sites showing message: "Firefox recommends that you don't enter your password, credit card and other personal information on this web" and recommends "Don't trust this website". OK, certificate is valid, SHA256 encrypted, but, "Broken Encryption (TLS_RSA_WITH_RC4_128_SHA, 128 bit keys, TLS 1.2)" How can I get rid of the message, if I have to use the server and I have no possibility to change its encryption strenghts as it is not server of mine?

Thanks

Jiří Rohlíček

FF started warn me on some sites showing message: "Firefox recommends that you don't enter your password, credit card and other personal information on this web" and recommends "Don't trust this website". OK, certificate is valid, SHA256 encrypted, but, "Broken Encryption (TLS_RSA_WITH_RC4_128_SHA, 128 bit keys, TLS 1.2)" How can I get rid of the message, if I have to use the server and I have no possibility to change its encryption strenghts as it is not server of mine? Thanks Jiří Rohlíček

Valitud lahendus

hi, the rc4 cipher suite can no longer be considered state of the art and doesn't provide a decent level of security anymore - therefore firefox will warn you on affected sites (i am not sure what benefit it would have for you if this information is withhold from you): https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/

Loe vastust kontekstis 👍 0

All Replies (1)

more options

Valitud lahendus

hi, the rc4 cipher suite can no longer be considered state of the art and doesn't provide a decent level of security anymore - therefore firefox will warn you on affected sites (i am not sure what benefit it would have for you if this information is withhold from you): https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/