Engels Antonio: SSL Version Control


Firefox 35.0 displayed this error while accessing Google today:

Secure Connection Failed

An error occurred during a connection to www.google.com. The server rejected the handshake because the client downgraded to a lower TLS version than the server supports. (Error code: ssl_error_inappropriate_fallback_alert)

SSL Version Control to the rescue:
https://addons.mozilla.org/en-US/firefox/addon/ssl-version-control/

SSLv3 is now insecure, and is soon going to be disabled by default.

The POODLE Attack and the End of SSL 3.0

In the meantime, you can use this extension to turn off SSLv3 in your copy of Firefox. When you install the add-on, it will set the minimum TLS version to TLS 1.0 (disabling SSLv3). If you want to change that setting later, like if you really need to access an SSLv3 site, just go to Tools / Add-ons and click the “Preferences” button next to the add-on. That will give you a drop-down menu to select the minimum TLS version you want to allow.


Source From: fedoraplanet.org.
Original article title: Engels Antonio: SSL Version Control.
This full article can be read at: Engels Antonio: SSL Version Control.

Advertisement


Random Article You May Like

Leave a Reply

Your email address will not be published. Required fields are marked *

*
*