We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Mozilla サポートの検索

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

詳しく学ぶ

このスレッドはアーカイブに保管されました。 必要であれば新たに質問してください。

(Error code: ssl_error_renegotiation_not_allowed) how do I fix this for my bank?

  • 4 件の返信
  • 809 人がこの問題に困っています
  • 1 回表示
  • 最後の返信者: Henry Suárez

more options

I try to log onto my bank with the new Fox fire and I continually get this error. I have looked through your list and can find no way to fix this. I have tried to go back and download Fox Fire 3.6 but can't find it. It worked with the last fox fire, but not the new. I really like the look of the new, but if I can't access my bank information it is hard for me to use foxfire.

I try to log onto my bank with the new Fox fire and I continually get this error. I have looked through your list and can find no way to fix this. I have tried to go back and download Fox Fire 3.6 but can't find it. It worked with the last fox fire, but not the new. I really like the look of the new, but if I can't access my bank information it is hard for me to use foxfire.

すべての返信 (4)

more options
more options

Para habilitar la renegociación SSL se necesita modificar un parámetro del navegador. Escribiendo en la barra de direcciones about:config y tras confirmar que sabemos lo que queremos hacer... buscamos la siguiente directiva:

security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref

Y modificamos su valor por defecto a TRUE

Después de esto ya se podrá acceder al sitio web que daba el error.

more options

@wrojas:

Setting the following config entry to "true" is not recommended:

     security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref

RFC 5746: "It's not desirable to set this to true, as it completely disables the new protection mechanisms. ...It's highly recommended to leave this at the default value "false", and instead populate preference:

    security.ssl.renego_unrestricted_hosts 

with a list of hosts that require the exception."
http://tools.ietf.org/html/rfc5746

For users whose banks have not yet implemented better security, send the bank a copy of the RFC and tell them to get their act together. Or bank somewhere else.

more options

It worked perfect for me.