We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Mozilla Destek’te Ara

Destek dolandırıcılığından kaçının. Mozilla sizden asla bir telefon numarasını aramanızı, mesaj göndermenizi veya kişisel bilgilerinizi paylaşmanızı istemez. Şüpheli durumları “Kötüye kullanım bildir” seçeneğini kullanarak bildirebilirsiniz.

Daha Fazlasını Öğren

Cannot access SSL website when corporate proxy use man-in-the-middle attack to analyze SSL traffic

more options

Our company uses a proxy which analyzes SSL traffic on some web sites. This is done via man-in-the-middle attack. The proxy generates a new certificate on the fly that it sends to the client, impersonating a secure server. After upgrading on Firefox 10.0 I always get error: HTTP Error Status: 400 Bad Request after confirmation of security exception.

Our company uses a proxy which analyzes SSL traffic on some web sites. This is done via man-in-the-middle attack. The proxy generates a new certificate on the fly that it sends to the client, impersonating a secure server. After upgrading on Firefox 10.0 I always get error: HTTP Error Status: 400 Bad Request after confirmation of security exception.

Seçilen çözüm

Maybe this is related to bug fixes of the BEAST (Browser Exploit Against SSL/TLS) attack

  • bug 702111 - Servers intolerant to 1/n-1 record splitting. "The connection was reset" (see also comment 60)
Bu yanıtı konu içinde okuyun 👍 0

Tüm Yanıtlar (2)

more options

Seçilen çözüm

Maybe this is related to bug fixes of the BEAST (Browser Exploit Against SSL/TLS) attack

  • bug 702111 - Servers intolerant to 1/n-1 record splitting. "The connection was reset" (see also comment 60)
more options

This does not appear to be the same problem. In bug 702111 the page https://store.toto-dream.com/toto/member/ToHPLogin.do could not be opened. I can open this page without problem and the form is shown. The problem I have seems to be related to proxy which analyze SSL traffic generating a certificate on the fly. Usually in these case Firefox gives a security warning. Before version 10.0 I was able to continue and open the page but now after accepting I got the error: "HTTP Error Status: 400 Bad Request"