Skip to content

Instantly share code, notes, and snippets.

@chanux
Last active August 29, 2015 13:56
Show Gist options
  • Save chanux/9227845 to your computer and use it in GitHub Desktop.
Save chanux/9227845 to your computer and use it in GitHub Desktop.
Making Firefox a 'probably okay' SSL client
My current firefox version is 26 (on Ubuntu). It's said to be a bad SSL client.
Check yours here: https://www.howsmyssl.com
The issues on version 26 are supported SSL version and the cipher suit used.
I managed to fixed this by using following about:config settings
security.tls.version.max = 3 (TLS v1.2)
security.ssl3.rsa_fips_des_edes_sha = false
Apparently, disabling rc4 is a good idea (thx @drac). Read more about that at: http://blog.yjl.im/2013/12/disabling-tlsssl-rc4-in-firefox-and.html
In short search for rc4 in about:config and change 6 entries to false.
Also keep in mind: security is not a game you do a few clicks and win. Just be aware that things change all the time for worse and react accordingly to make sure things are *probably* OK.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment