The first problem with FF2 and IE7 and it hits us from https://accounts.unimelb.edu.au/; in both Firefox 2.0 and IE 7 SSL2 is off by default in favour of the more secure SSL3 or TLS 1.0
Error from Firefox 2.0
Error from IE 7
The steps for the Firefox workaround is as follows:
- In the URL pane type about:config
- In the Filter pane (just below the URL pane) type security This will jump the window down to the section dealing with security
- Double click the line that says security.enable_ssl2
- Double click the line that says security.ssl2.des_ede3_192 This will change the value of these items from false to true and everything will now work.
— Mat Hudson
And to setup Internet Explorer v7
SSL2 must be enabled in IE7 for it to work.
To enable, open IE7 go to Tools>Internet Options->Advanced->Check use SSL2.0
Change IE7 to allow ssl2
You will still get an error page from https://accounts.unimelb.edu.au/ as the page contains both secure and nonsecure items (mainly the images). Depending on your IE 7 settings it will also probably try to down load “accgen.exe” as a Win32 executable rather than treating it as a cgi … I’ll need to look at this a bit more closely as it may be the interaction of one of my download helpers.
Interesting reading from the IEBlog 22-Oct-2005;
Upcoming HTTPS Improvements in Internet Explorer 7 Beta 2 [1]
…IE7 follows the XPSP2 “secure by default” paradigm by defaulting to the secure behavior.
Most importantly, IE7 will block navigation to HTTPS sites that present a digital certificate that has any of the following problems:
* Certificate was issued to a hostname other than the current URL’s hostname * Certificate was issued by an untrusted root * Certificate is expired * Certificate is revoked ”
…
If your site requires SSLv2, please reconfigure it to permit SSLv3 or TLSv1 connections.
…
To confirm from the IEBlog 24-Aug-2006;
Internet Explorer 7 Release Candidate Now Available [2]
…
TLS1 ON, SSL2 OFF is correct for IE7. IE6 had the (less-secure) opposite settings
…
Time for Rubens to have an SSL upgrade! What will we find next? 😉
[1.] Upcoming HTTPS Improvements in Internet Explorer 7 Beta 2 [IEBlog]
[2.] Internet Explorer 7 Release Candidate Now Available [IEBlog]
Thanks!
I couldn’t even get online with FF2, because the authentication page at work uses SSL2…