Firefox 2.0: SSL 2 Tweak

Firefox 2, no longer allows you to enable SSL 2 encryption protocols due to the fact SSL 2 is not very secure. However, some folks may run into sites that insist you have SSL 2 Protocol enabled. Once again a simple about:config change:

  1. In a new tab type about:config in the address bar and press enter or open the about:config editor if you have the extension
  2. In the filter field enter security.enable_ssl2
  3. Double click the entry so the value is true
  4. Close the tab or about:config editor

Permalink

48 Comments on Firefox 2.0: SSL 2 Tweak

  1. Hi,
    Yes, I set this security.enable_ssl2 to true and FireFox2 is still not working with nemoves.com website
    When I open Tools/Options/Advanced there is still no SSL2.0 checkbox. Can you help me how to enable FireFox2 to support SSL2.0. Thank you.

  2. In about:config, do a search for security.ssl2 and enable the ciphers you see there. That did the trick for me.

  3. What an absolute joke! Why would Mozilla think that they can apply any pressure back onto site admins to upgrade their version of SSL? While they’re at it – why don’t they restrict users so that they can only see sites the have 100% support for web standards?! I totally agree that it would be great if everyone used the latest versions of all technologies. However by putting users in the middle of issues like this they’re just going to drive them back to using IE6/7. Average users (including the non-techies who pay the bills to maintain the SSL2 sites) won’t see this as an academic debate and will instead interpret it as FF being broken πŸ™

  4. I agree with ctbattles. I’m at work right now tweaking our workstations because we are using daily this one site which has ssl2 and I have upgraded to FF2.0 with out a clue of this feature. i had to enable all options that stated security.ssl2… to get the ssl2 site to work.

    There is no point in making the end user’s life more diffucult because of slow-reacting admins.

    -Tomi

  5. Pete from Wisconsin | November 6, 2006 at 8:24 AM |

    This is quite an irritating situation. I’m in an airport, Sprint apparently uses SSL2, and Firefox doesn’t work. I fired up IE to make the connection instead, and of course, it worked. That, on top of the LOTS more lockups I’m getting from FF2.0 than I did before I “upgraded”, has me SERIOUSLY looking at a return to the dark side of the browser wars.

    Come on, Mozillans, you guys can do better than this.

    Please, do.

  6. I still can’t open the website in https mode – even after enabling all the items stated above.
    Any solutions/ideas ?

  7. Chris Elmquist | November 8, 2006 at 1:58 PM |

    I also performed all of above enables and the SSL 2.0 option does not display nor will it connect to an SSL 2.0-only web service. This is FF 2.0 on Linux. Tarball downloaded directly from Mozilla.

  8. Trying to access my PDM and this uses a different version of SSL. Have done the above but to no avail. Any other ideas please? I could do this b4 I upgraded. Now I cant view the PDM using F.F 2.0. I can do same with IE7.

    Any ideas please?

  9. I can’t get this to work to save my life… last night Firefox downloaded an update… and when I installed the update and rebooted Firefox, suddenly I found I couldn’t get into ANYTHING.. not my MSNBC board, or MSN hotmail.. or Yahoo for that matter… what the feck???????????

  10. HELP!!!!!!!!!!!!!!!!!

  11. I HATE Firefox!

  12. @Debi not sure why it is not working, I have no issues with Yahoo, Windows Live Mail (Hotmail) or any other secure site. Take a look at this: http://kb.mozillazine.org/SSL_is_disabled

  13. Christian Sonne | December 21, 2006 at 11:11 AM |

    I think having it disabled by default is the only responsible thing to do – if it was on, users could be seeing the ‘secured’ logo and think they are safe, when in fact they are not

  14. Thank you, ffextensionguru… and I apologize for my language the other night… I was just so frustrated at not being able to get into anything that I got a little too hot under the collar… thanks again, and I’ll try the website you posted when I get home tonight.

  15. After tweaking and it still didn’t work for me. Disappointed~
    I’m giving up on firefox already!!!

  16. i did what he said…
    i went about:config and enabled SLL2
    but i filtered only the word sll2 and i enable all XD
    i dont know it works or not

  17. i no whats your problem
    i can help you.

    Who have problem with adding the add-ons

    you must :
    1. Go to Tools>Options>Advanced>Encryption>mark the
    use SSL 3.0

  18. thomas smith | January 16, 2007 at 1:35 AM |

    same problem as debi, have been using FF instaled ver2 and now i cant get into hotmail etc.
    screen says cannot because ssl disabled but i looked and it is checked!!!??? thinks the ssl protocols are bad?
    ff ver 1.5 was working perfectly good
    any ideas?

  19. You need to change this value to TRUE to get SSL 2.0 to work

    security.ssl3.rsa_rc4_40_md5

  20. You have to enable 2 values!

    security.enable_ssh2 – true
    security.ssl2.rc4_128 – true

    πŸ˜‰

  21. I recently installed FFv2 and now anytime I try to go to ANY https://, I get the error message:

    Firefox can’t establish a connection to the server at http://www.paypal.com.

    * The site could be temporarily unavailable or too busy. Try again in a few
    moments.

    * If you are unable to load any pages, check your computer’s network
    connection.

    * If your computer or network is protected by a firewall or proxy, make sure
    that Firefox is permitted to access the Web.

    I have tried enabling every single thing in the above posts and I have gotten nothing. I also now do not know which ones were true or false πŸ˜₯

    Anyone please help me and make this work. I use Windows XP home edition and EI will not work on my system for some reason so thats out.

  22. @Python

    did you check on mozillaZine (http://kb.mozillazine.org/SSL_is_disabled)?

    Also in the about:config, anything that has been changed is now in bold.

  23. Yes sir, sure did. No luck there either. I also tried to install EI version 7 and I am getting the same thing with it. Try to access anything secure and I get a message like the one above. I also found something called ddayx.dll while trying to mess with my firewall. After googling it I found out that it was the cause of my EI issues but upon deleting it, I am getting nothing new and everything is still messed up.

    Im lost.

  24. Mike Williams | March 24, 2007 at 5:51 PM |

    After enabling all ssl2 options in about:config firefox would still not connect to the site that was causing me problems. I used lwp-request to fetch the headers from the site and saw that it was using EXP-RC4-MD5 for its cipher.

    Although there was no setting for this under ssl2, I found:

    security.ssl3.rsa_rc4_40_md5 in about:config and set that to true and it worked. The same settings changes worked on debian linux and on windows xp.

    After writing this I noticed that RA had mentioned the rc4_md5 setting. But, since I had missed it the first time around, I thought I’d post this anyhow in case someone else missed it as well.

  25. I’ve did near everything you wrote in the comments and still i can’t connect to https sites coz when i write a address exp. gmail.com the page stays like how it was i can even see any warnings or anything.

  26. Python12, just a note. If you have a software firewall (like ZoneAlarm), you have to reauthorize any outbound access for Firefox when you install a newer version. This gets me every time, since it still blocks access even when it is not running, it just doesn’t pop-up asking for permission.

  27. WEll, buggers- I tried each, and all of the above tweaks, including deleting the cert8.db file, and changing the ssl3.rsa_rc4_40_md5 to true and back again to false.
    Also, checked the el`lamo MS firewall to ensure its allowing the usual flux of everything in and out.
    My bank site wont let me in, and with a chuckle, neither would a couple of Mozilla links!
    Every time I fire up Firefox, get the warning.

    So, screw it, how do I delete 2.0, go back to the old version without losing the data I just spent several hours recovering (corrupt profile ate 3 years of links)

    regards, CWG

  28. I enabled all ssl2 and some ssl3 settings and then it worked for me. Firefox is a great browser. It’s a shame the developers didn’t wait with the ssl2 default off option. But that is the nature of computers og software. There is always a switch you have to move.

    :)-|algeir

  29. LOL, I have become one of those random config:changers.
    Enabled all SSL anythings and set them to true, cleaned, rebooted…same ol same ol….
    better go fix that-

  30. Seems to have “fixed” itself after a reinstall of FFduex.
    I DL’d the file, reinstalled over the top and its working….for now!

    regards

  31. Dancing_bear | April 24, 2007 at 3:20 AM |

    changing all of those security.bla_bla_bla had no effect

    but after I created security.enable_ssh2 – true — everything works fine!

  32. Hi Gurus,
    After going through each switch in ssl2 and ssl3, i could get the ssl2 working. This is what should be done.
    1. enable security.enable_ssl2 to true
    2. enable security.enable_ssl3 to true
    3. enable security.ssl3.rsa_rc4_40_md5 to true

    Close the FF browser windows if they are opened and open again, try.
    This should work.

    Regards,Raj

  33. I experienced the same problems after I imported my IE favorites and settings to Firefox. I couldn’t even access Firefox addons website and I had ssl enabled. I unchecked the block popup windows box under firefox-tools-content and that solved my problem.

  34. I’ve experienced the same problem as python12. I’ve enabled any ssl2/ssl3 option, except disk_cache_ssl, but still couldn’t connect to http://www.paypal.com or any other SSL encrypted site (banking, webmail…).

    The solution for me was to have a look at my personal firewall options and saw that some traffic regarding FF was blocked. After unblocking SSL connections could be instantly established.

    I remember a lot of firewall warnings, that FF was trying to connect to the internet by using one of these protocols: UDP/ICMP/TCP (at this time I was *not* doing anything with FF, FF was just open and had some open pages).

    Because FF is a webbrowser and the web’s protocol is HTTP/HTTPS, I became suspicious and blocked those connections. I know, that HTTP/HTTPS runs upon TCP/IP, but doing TCP/IP is not FF’s job. The browser should stick to the abstraction!.

    Regards,
    Michael

  35. Thanks to Raj..

    I’ve tried everything but somehow it getting more worst. I can’t even open any encrypted pages including mails.

    Then I tried to change

    1. enable security.enable_ssl2 to true
    2. enable security.enable_ssl3 to true
    3. enable security.ssl3.rsa_rc4_40_md5 to true

    Everything works just fine. =) Thank you!!!

  36. After trying EVERYTHING else suggested, I (ugh) downloaded the MSIE 6 SP1 and low and behold, I can check my email again. WooHoo!

    Still not sure what exactly happened here, but the SP1 update fixed it for me! Thank goodness I’m not forced to use Explorer again.

    Good luck to all you other frustrated people – this little “issue” only took me 5.5 hours to rectify.

  37. I have FF 2.0.09 on Linux UBUNTU and can’t access any of HTTPS sites.
    I’ve done done all of the following:
    1. enable security.enable_ssl2 to true
    2. enable security.enable_ssl3 to true
    3. enable security.ssl3.rsa_rc4_40_md5 to true

    and still did not fix the problem.

    Does anybody know what else could be a problem?

  38. I get this message when opening FF 2.0.0.9. Is this problem related to this discussion?

    Could not initialize the browser’s security component. The most likely cause is problems with files in
    your browser’s profile directory. Please check that this directory has no read/write restrictions and
    your hard disk is not full or close to full. It is recommended that you exit the browser and fix the
    problem. If you continue to use this browser session, you might see incorrect browser behaviour
    when accessing security features.

  39. What a great dispointement. Nothing work. I will have to go back to WinXP and IE6 or IE7 because those version work

  40. Just wanted to say this saved my ass so a million thank yous to you

  41. Try

    apt-get install libsqlite3-0 libsqlite0

    in debian system, if your linux uses another distribuition find how you
    install these packages.

    Att
    Mauricio de Sousa Coelho

  42. Nothing Here WORKS!!!

  43. did your suggestion but nothing happens… why it is so hard to find a solution to such a simple problem…. though maybe i am in a different situation. i am trying to connect to one of our servers that requires certificate or authentication thru ssl, in IE 6 no problem, firefox only error. so whats up with firefox 2.0????????

  44. Thank you for this. I kept having problems with IE and I decided to switch to Firefox. Being unfamiliar with firefox I knew I would have some learning to do. When I went to check my yahoo email, it kept saying ssl protocol disabled and I was stumped because I’m not a computer expert or even close.

    Thanks for this because thru googling I found this site and was able to correct the problem.

  45. Had a similar problem on my mac, i couldn’t access htts sites at all,
    until i discovered that my problem was i my firewall (little snitch) denying access to port 403 on https sites… once i allowed it … no problems…
    so checking the firewall might be an idea …..

  46. Should really update the original blog entry to include the info in the first comment. The fix in the blog didn’t do anything until I also did what was mentioned in the 1st comment.

  47. opp’s sorry, I mean 2nd comment from Obfuscated

  48. sorry I am new to the web and couldn’t find where to post, I would REALLY appreciate some help, this is driving me nuts.

    In FFox, under security – warnings, all are UNchecked. However when i go to my webmail, I always see the security warning, although..da..da..da………..at login.

    please help me πŸ™‚
    Thanks for this great site!

2 Trackbacks & Pingbacks

  1. Firefox Extension Guru’s Blog Fx Not Accessing Secure Sites «
  2. Ruben’s blog » Blog Archive » Certificate authentication not working with correos.es and Firefox 3.0?

Comments are closed.