Date: Tue, 28 Jul 2015 23:30:40 +1000 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: Polytropon <freebsd@edvax.de> Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD Forum access problem (was Re: Endless Data Loss) Message-ID: <20150728230108.T17327@sola.nimnet.asn.au> In-Reply-To: <20150726180913.bfa82863.freebsd@edvax.de> References: <mailman.67.1437912001.91662.freebsd-questions@freebsd.org> <20150726233449.M17327@sola.nimnet.asn.au> <20150726180913.bfa82863.freebsd@edvax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 26 Jul 2015 18:09:13 +0200, Polytropon wrote: > On Sun, 26 Jul 2015 23:58:25 +1000 (EST), Ian Smith wrote: > > That's not the problem. The problem with the forums site is that it no > > longer allows connections using SSLv3 or TLS 1.0 .. it requires at least > > TLS 1.1 now, and might later accept only TLS 1.2, even just for reading. > > Thank you for clarification! I've set the security options > to only (!) allow TLS 1.1 and 1.2, _no_ SSL v3 or TLS 1.0, > and now I can connect to the forum again. I'll check now if > the other few websites I visit will be "impacted" by that > configuration change. I don't think you needed to disable older protocols - unless you want to not permit yourself to connect to older sites that only present those protocols - in order for the highest/latest options to be selected where they are enabled and perhaps demanded as in the case of the forums. But you should test that assumption, which is all it is. I've since found that even my not-SO-ancient firefox from 9.1 to 9.2-stable times would not connect to forums.freebsd.org either. % pkg info firefox firefox-23.0,1 Name : firefox Version : 23.0,1 Installed on : Sun Jul 20 02:37:45 EST 2014 Origin : www/firefox Architecture : freebsd:9:x86:64 Had to go hunting in the bowels of about:config to find what SSL protocols were set, and it just showed '1' (as an integer), so after some more hunting, on a hunch I tried '2' there. That worked! but I have not the slightest idea why it does, or what '2' signifies :) cheers, Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150728230108.T17327>