Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Natao arisiva ity resaka mitohy ity. Mametraha fanontaniana azafady raha mila fanampiana.

Now Firefox 25 support TLSv1.2, how can I enable SHA-2 ciphers?

  • 3 valiny
  • 9 manana an'ity olana ity
  • 3 views
  • Valiny farany nomen'i gsc-frank

more options

I just install Firefox 25 and configure TLS min and max values to 3, then visit this site https://cc.dcsec.uni-hannover.de/ which report no SHA-2 ciphers. What I must do to enable SHA-2 ciphers on Firefox 25. Exist some web app I need access that just allow SHA-2 ciphers.

I just install Firefox 25 and configure TLS min and max values to 3, then visit this site https://cc.dcsec.uni-hannover.de/ which report no SHA-2 ciphers. What I must do to enable SHA-2 ciphers on Firefox 25. Exist some web app I need access that just allow SHA-2 ciphers.

Novain'i gsc-frank t@

All Replies (3)

more options

New information: I tested on Ubuntu 13.10 using ppa:mozillateam/firefox-next to have Firefox using NSS 3.15.1 and result the same, no SHA256 ciphers was available.

Novain'i gsc-frank t@

more options

Are you referring to the value that show in the MAC field or the key size that is specified?

I keep some 128 bit ciphers disabled and see this:

This connection uses TLSv1 with CAMELLIA256-SHA and a 256 Bit key for encryption.
Ciphers: ff,c00a,c014,c00f,c005,84,35,96,04,c008,c012,16,13,c00d,c003,feff,0a 
(c0,0a)
ECDHE-ECDSA-AES256-SHA
256 Bit
Key exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,14)
ECDHE-RSA-AES256-SHA
256 Bit
Key exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,0f)
ECDH-RSA-AES256-SHA
256 Bit
Key exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,05)
ECDH-ECDSA-AES256-SHA
256 Bit
Key exchange: ECDH, encryption: AES, MAC: SHA1.
(00,84)
RSA-CAMELLIA256-SHA
256 Bit
Key exchange: RSA, encryption: Camellia, MAC: SHA1.
(00,35)
RSA-AES256-SHA
256 Bit
Key exchange: RSA, encryption: AES, MAC: SHA1.
more options

Thanks for you reply cor-el

I'm referring to the MAC value. "openssl ciphers -v | grep TLSv1.2" will show no SHA1 in MAC, and that is a problem a think: a server that just support TLSv1.2 ciphers will not offer SHA1 for MAC and as Firefox not support SHA-2, will be unable to communicate with it. Last Google Chrome and Opera works fine again the server I tested.