Bug#766007: iceweasel: SSL error - cannot connect to certain servers
Mike Hommey
mh at glandium.org
Fri Oct 24 02:23:23 UTC 2014
On Fri, Oct 24, 2014 at 10:56:09AM +0900, Norbert Preining wrote:
> Hi Daniel,
>
> > It looks like this is a really old server, which can only support SSL
> > v3.0.
>
> That could well be ... unfortunately
>
> > what if you add the flag "-V ssl3:ssl3" to the tstclnt implementation?
>
> Looks better, finishes with
> ...
> tstclnt: using asynchronous certificate validation
> tstclnt: Read from server -1 bytes
> tstclnt: handshake was paused by auth certificate hook
> tstclnt: authentication of server cert failed: SEC_ERROR_UNTRUSTED_ISSUER: Peer's certificate issuer has been marked as not trusted by the user.
> tstclnt: exiting with return code 254
>
> Does that mean it is actually an ssl3 problem, only?
If it is, you can try to go to about:config, and change
security.tls.version.min to 0.
I would have expected a different error, though.
(ssl_error_no_cypher_overlap)
Mike
More information about the pkg-mozilla-maintainers
mailing list