FreeBSD Forum access problem (was Re: Endless Data Loss)
Ian Smith
smithi at nimnet.asn.au
Tue Jul 28 13:30:55 UTC 2015
On Sun, 26 Jul 2015 18:09:13 +0200, Polytropon wrote:
> On Sun, 26 Jul 2015 23:58:25 +1000 (EST), Ian Smith wrote:
> > That's not the problem. The problem with the forums site is that it no
> > longer allows connections using SSLv3 or TLS 1.0 .. it requires at least
> > TLS 1.1 now, and might later accept only TLS 1.2, even just for reading.
>
> Thank you for clarification! I've set the security options
> to only (!) allow TLS 1.1 and 1.2, _no_ SSL v3 or TLS 1.0,
> and now I can connect to the forum again. I'll check now if
> the other few websites I visit will be "impacted" by that
> configuration change.
I don't think you needed to disable older protocols - unless you want to
not permit yourself to connect to older sites that only present those
protocols - in order for the highest/latest options to be selected where
they are enabled and perhaps demanded as in the case of the forums.
But you should test that assumption, which is all it is.
I've since found that even my not-SO-ancient firefox from 9.1 to
9.2-stable times would not connect to forums.freebsd.org either.
% pkg info firefox
firefox-23.0,1
Name : firefox
Version : 23.0,1
Installed on : Sun Jul 20 02:37:45 EST 2014
Origin : www/firefox
Architecture : freebsd:9:x86:64
Had to go hunting in the bowels of about:config to find what SSL
protocols were set, and it just showed '1' (as an integer), so after
some more hunting, on a hunch I tried '2' there. That worked! but I
have not the slightest idea why it does, or what '2' signifies :)
cheers, Ian
More information about the freebsd-questions
mailing list