Disable SSL3 in Firefox

Topic

New Reply

This add-on seems to work fine on my Firefox 33.0.2:
https://addons.mozilla.org/en-US/firefox/addon/ssl-version-control/

Before you wonder "Am I doing things right," ask "Am I doing the right things?"

Reply | Quote

Replies

That’s good news Berton,

When I found out I could modify one of the about:config settings I went that route,

FF v33.0 Settings:
Rather than use the FF add-on I set my security.tls.version.min from about:config, the original setting was 0 and I changed it to 3, but had to switch back to 1 because of all places I couldn’t reach https://support.mozilla.org
0 means SSL 3.0 and higher is enabled, 1 means TLS 1.0 and higher is enabled, 2 means TLS 1.1, and higher is enabled.

The security.tls.version.max was originally 3 and I left it as is.

Source: Vulnerability in SSL 3.0 Could Allow Information Disclosure, v1.1 | SevenForums

if anyone else has problems with keeping SSL3 off usually because of add-ons or extensions try this:

[*]>Open about:config; Copy/paste/type, about:config , into your address bar >click on “I’ll be careful, I promise!
[*]>Copy/paste/type, security.tls , into the Search bar
[*]>Right click on security.tls.version.min >Modify >In the Enter Integer Value Box, change the 0 to a 1 >Click on OK.

Your config should look like this:
38385-wss-sll3-tls

[*]>Close the about:config Tab.
[*]>Restarting Firefox is your option.

Security.tls.version.*

SSLv3 will be disabled by default in Firefox 34, which will be released on Nov 25.

Reply | Quote