What we have here is failure to communicate!

Posted on October 25, 2006 by

The first problem with FF2 and IE7 and it hits us from https://accounts.unimelb.edu.au/; in both Firefox 2.0 and IE 7 SSL2 is off by default in favour of the more secure SSL3 or TLS 1.0


Error from Firefox 2.0


Error from IE 7

The steps for the Firefox workaround is as follows:

  1. In the URL pane type about:config
  2. In the Filter pane (just below the URL pane) type security This will jump the window down to the section dealing with security
  3. Double click the line that says security.enable_ssl2
  4. Double click the line that says security.ssl2.des_ede3_192 This will change the value of these items from false to true and everything will now work.

— Mat Hudson

 

And to setup Internet Explorer v7

 

SSL2 must be enabled in IE7 for it to work.
To enable, open IE7 go to Tools>Internet Options->Advanced->Check use SSL2.0


Change IE7 to allow ssl2

You will still get an error page from https://accounts.unimelb.edu.au/ as the page contains both secure and nonsecure items (mainly the images). Depending on your IE 7 settings it will also probably try to down load “accgen.exe” as a Win32 executable rather than treating it as a cgi … I’ll need to look at this a bit more closely as it may be the interaction of one of my download helpers.

Interesting reading from the IEBlog 22-Oct-2005;

 

Upcoming HTTPS Improvements in Internet Explorer 7 Beta 2 [1]

IE7 follows the XPSP2 “secure by default” paradigm by defaulting to the secure behavior.

Most importantly, IE7 will block navigation to HTTPS sites that present a digital certificate that has any of the following problems:

* Certificate was issued to a hostname other than the current URL’s hostname * Certificate was issued by an untrusted root * Certificate is expired * Certificate is revoked ”

If your site requires SSLv2, please reconfigure it to permit SSLv3 or TLSv1 connections.

To confirm from the IEBlog 24-Aug-2006;

 

Internet Explorer 7 Release Candidate Now Available [2]

TLS1 ON, SSL2 OFF is correct for IE7. IE6 had the (less-secure) opposite settings

Time for Rubens to have an SSL upgrade! What will we find next? ;)

 

[1.] Upcoming HTTPS Improvements in Internet Explorer 7 Beta 2 [IEBlog]
[2.] Internet Explorer 7 Release Candidate Now Available [IEBlog]

About these ads
This entry was posted in firefox, internet explorer, soe. Bookmark the permalink.

One Response to What we have here is failure to communicate!

  1. Knut Erik Teigen says:
    October 27, 2006 at 4:52 pm

    Thanks!

    I couldn’t even get online with FF2, because the authentication page at work uses SSL2…

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Cancel

Connecting to %s