Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Re: SM2.1 nightly SSL error renegotiation not allowed

52 views
Skip to first unread message

dominique

unread,
Feb 19, 2010, 9:57:52 AM2/19/10
to
dominique wrote, On 2/19/2010 10:28 AM:
> Hello all,
>
> I use the SM2.1 nightlies at work and since a few days I get the
> following error when login to my company portal:
>
> Secure Connection Failed
> An error occurred during a connection to login.portal.<company>.com.
> Renegotiation is not allowed on this SSL socket.
> (Error code: ssl_error_renegotiation_not_allowed)
>
> As far as I know, nothing has changed there, nor in the certificates I
> use (mine and the cert authority, which is in this case my company).
>
> When I use Firefox 3.6, I don't get the error, although I have the same
> certificates setup.
>
> Any hint regarding the cause ? anything I can do to avoid this issue ?
> Thanks for the help
>
> Dom,
> (and yes, I must be brave at heart to use the nightlies for my work :-) )

Mmm, I guess a little goolging never hurts:
https://developer.mozilla.org/NSS_3.12.5_release_notes

All SSL3/TLS renegotiation is disabled by default in NSS 3.12.5, which
is used in bleeding-edge Mozilla stuff...
Good to know...

Is there a way to disable this feature for a domain, a destination ?
temporarily ?

I see there that " If an application depends on renegotiation feature,
it can be enabled by setting the environment variable
NSS_SSL_ENABLE_RENEGOTIATION to 1. By setting this environmental
variable, the fix provided by these patches will have no effect and the
application may become vulnerable to the issue."

How can I set this environment variable ? is there a preference to set
in about:config ?

thanks to all (and thanks to all the developers for Seamonkey !!)
Dominique

Mark Hansen

unread,
Feb 19, 2010, 11:18:00 AM2/19/10
to

Environment variables are set outside of SeaMonkey. How/where you set
them depends on your operating system. For example, if you're running
Windows/XP, one way is to right click on the My Computer desktop icon
and select Properties. Then click on the Advanced tab, then the
Environment Variables button.

On this page, you can set the Environment variable for the logged-in
user, or for all users (system variables). Note that if you set it
for the logged-in user, you may need to log out and back in for the
setting to take effect.

Best Regards,

dominique

unread,
Feb 19, 2010, 11:51:39 AM2/19/10
to
Mark Hansen wrote, On 2/19/2010 5:18 PM:
> Environment variables are set outside of SeaMonkey. How/where you set
> them depends on your operating system. For example, if you're running
> Windows/XP, one way is to right click on the My Computer desktop icon
> and select Properties. Then click on the Advanced tab, then the
> Environment Variables button.
>
> On this page, you can set the Environment variable for the logged-in
> user, or for all users (system variables). Note that if you set it
> for the logged-in user, you may need to log out and back in for the
> setting to take effect.
>
> Best Regards,

Thanks a lot !

Something to remember as the vulnerability is still open !

Dominique

0 new messages