Cannot connect securely because the site uses an older insecure version of the SSL protocol

From MozillaZine Knowledge Base
Jump to navigationJump to search

This article deals with a message about a Mozilla application not being able to connect securely to (site name) because the site uses an older, insecure version of the SSL protocol when trying to browse to certain web sites or connect to certain servers. For information on other messages received when accessing secure sites, see Error loading secure sites.

The message is shown because support for version 2 of the SSL protocol (SSL2) is disabled by default in recent versions of Firefox, Mozilla Suite, and Thunderbird. Its insecure and rarely used since it was deprecated in 1996. Its been replaced by version 3 of the SSL protocol (SSL3) and TLS.

If you have to use SSL2 for a specific web site or server you can enable it as follows:

Firefox, SeaMonkey/Mozilla Suite:

  1. Type about:config in the Location Bar.
  2. Press Enter.
  3. Find the preference name security.enable_ssl2.
  4. Double click on it to set it to true.

You may also need to enable specific ciphers. Still in about:config, enter ssl2 into the filter box and enable the ciphers presented.[1]

Thunderbird:

  1. Tools -> Options -> Advanced -> General -> Config Editor
  2. Type ssl2 in the edit field at the Filter: prompt
  3. Find the row with security.enable_ssl2
  4. Double click on it to set it to true.

You will also need to enable some of its ciphers (such as security.ssl2.des_64 and security.ssl2.rc4_128) by double clicking on them.