Handshake Exception with Firefox and Jetty Servlet Container
We do have a strange problem with Firefox 2 and Jetty 6.1 (a Servlet Container) using HTTPS to communicate: At some stage Firefox (FF) sends a ClientHelloV2, to which Jetty responds with a ServerHelloV3. This leads to a handshake failure for this handshake and for any subsequent attempt.
To avoid the handshake failures there are 2 options:
1.) restart FF
2.) change the servername or port, by using ssltap [2] as a proxy.
[FF] --> [ssltap] --> [Jetty]
That way it is possible to change the port without restarting
FF and Jetty, and to debug the SSL traffic.
Both options make FF to start a SSL session, by sending a ClientHelloV3. Then everything works until we get to the same stage described above.
h2. Logs:
From what I can see in the logs of ssltap, Firefox is sending some data, which might be something like a partial handshake (?).
--> [
alloclen = 63 bytes
(63 bytes of 63)
[Wed Jan 09 12:18:41 2008] [ssl2] ClientHelloV2 {
version = {0x03, 0x00}
cipher-specs-length = 36 (0x24)
sid-length = 0 (0x00)
challenge-length = 16 (0x10)
cipher-suites = {
(0x000039) TLS/DHE-RSA/AES256-CBC/SHA
(0x000038) TLS/DHE-DSS/AES256-CBC/SHA
(0x000035) TLS/RSA/AES256-CBC/SHA
(0x000033) TLS/DHE-RSA/AES128-CBC/SHA
(0x000032) TLS/DHE-DSS/AES128-CBC/SHA
(0x000004) SSL3/RSA/RC4-128/MD5
(0x000005) SSL3/RSA/RC4-128/SHA
(0x00002f) TLS/RSA/AES128-CBC/SHA
(0x000016) SSL3/DHE-RSA/3DES192EDE-CBC/SHA
(0x000013) SSL3/DHE-DSS/DES192EDE3CBC/SHA
(0x00feff) SSL3/RSA-FIPS/3DESEDE-CBC/SHA
(0x00000a) SSL3/RSA/3DES192EDE-CBC/SHA
session-id = { }
challenge = { 0xa954 0x2122 0x3e82 0xb993 0xd72f 0xea54 0x779f 0x958c }
The server responds with:
<-- [
(1161 bytes of 1156)
SSLRecord { [Wed Jan 09 12:18:41 2008]
0: 16 03 00 04 84 |....�
type = 22 (handshake)
version = { 3,0 }
length = 1156 (0x484)
handshake {
0: 02 00 00 46 |...F
type = 2 (server_hello)
length = 70 (0x000046)
ServerHello {
server_version = {3, 0}
random = {...}
0: 47 84 ad 91 a1 f6 cb e5 f8 e2 f0 46 60 4b dd 48 | G����.╦.�.�F`K.H
10: 13 a8 93 96 d2 4f 2b d8 2d fe 49 2f 22 e5 29 5e | .����O+�-.I/".)^
session ID = {
length = 32
contents = {..}
0: 47 84 ad 91 84 b7 ef 62 92 fb 03 d7 8a 41 ae 82 | G������b��.�.A�.
10: d5 57 a3 e0 24 cc b5 2e b2 c7 29 3d 3a 37 a6 11 | ıW��$╠�.▓�)=:7�.
cipher_suite = (0x0032) TLS/DHE-DSS/AES128-CBC/SHA
0: 0b 00 02 f6 |....
type = 11 (certificate)
length = 758 (0x0002f6)
CertificateChain {
chainlength = 755 (0x02f3)
Certificate {
size = 752 (0x02f0)
data = { saved in file 'cert.001' }
0: 0c 00 01 38 |...8
type = 12 (server_key_exchange)
length = 312 (0x000138)
0: 0e 00 00 00 |....
type = 14 (server_hello_done)
length = 0 (0x000000)
+Then FF responds with a handshake failure:+
--> [
(7 bytes of 2)
SSLRecord { [Wed Jan 09 12:18:41 2008]
0: 15 03 00 00 02 |.....
type = 21 (alert)
version = { 3,0 }
length = 2 (0x2)
fatal: handshake failure
0: 02 28 |.(
I am pretty stuck. Do you have any idea? Or can you give me any advice, how to further investigate this problem?
Thanks,
-Stefan
[2] http://www.mozilla.org/projects/security/pki/nss/tools/ssltap.html
I did some more analysis:
When I replace the keystore by another keystore provided by the Jetty
distribution, Firefox will not complain about the handshake
exception. Nevertheless there are handshake exceptions, and the SSL
level switches from TLS to SSLv3.
Now I guess the question is: What is the difference between the two
keystores?
Answer: As far as I can see, the Keystore provided in the Jetty distro
has expired in 2001, while my keystore is still valid (although also
self-generated).
Could it be, that Firefox some is less strict regarding handshake
failures, after you have told it to accept an expired certificate?
I am not sure whether this is problem of JSSE, or not? What do you think?
Similar Messages
-
I had installed DivX and it includes DivX Web player but, when i remove it, the problem happend. When I click on a video, the bar which contains play, stop... buttons is there. But when the video nearly play, it disapears. The problem just happen with Firefox and Chrome, but it doesn't mean with IE. Help me plz, I hate using IE just love FF but the problem prevent me from watching video on youtbe which is very terrible with me.
This is my problem, see the picture.
-
OpenScript recording is slow with FireFox and ADF 11g
Hi everybody;
I trying the OpenScript for recording some scenarios, and I am facing some problems:
1- When I use the internet explorer (IE) it records fine with an acceptable speed, but when I replay the recorded script it misses out the fields and the links that I clicked, meaning: it starts to highlight other places on my page which I didn’t click while I was recording.
2- When I use FirexFox, I get other kind of problems. First the recording is unbelievably slow. It might take a minute or two for every link I click to respond. Also when I replay the script it executes faster than it did while recording but much more slower than doing the same scenario in real time meaning: doing it directly on the browser by a real user.
Kindly note that my application is an ADF 11g application with EJB3 and the application server is Weblogic 11 and the database is oracle 10g.
Any ideas will be appreciated
Thank you allNote that Firefox 36 has been released officially.
*https://www.mozilla.org/en-US/firefox/36.0/releasenotes/
It is possible that your security software (firewall, anti-virus) blocks or restricts Firefox or the plugin-container process without informing you, possibly after detecting changes (update) to the Firefox program.
Remove all rules for Firefox and the plugin-container from the permissions list in the firewall and let your firewall ask again for permission to get full, unrestricted, access to install for Firefox and the plugin-container process and the updater process.
See:
*https://support.mozilla.org/kb/Server+not+found
*https://support.mozilla.org/kb/Firewalls
*https://support.mozilla.org/kb/fix-problems-connecting-websites-after-updating -
For example access eBay with Firefox and launch a search on the word Frankenstein: you'll get something like 23,671 results (if you search in ''All categories''). Then quit the Firefox browser and load Microsoft Internet Explorer instead; access eBay again and repeat the very same search: this time you'll get 25,383 results. These are reral figures that I tried at 19:21 on March 20, 2014. Why does a search on eBay through Firefox report less hits than the very same search through Internet Explorer? Using Firefox rather than Microsoft Internet Explorer automatically means missing hits/results/items on eBay: that doesn't make sense but it does happen. Why is it so? Thank you, somebody, for shedding light on this problem.
Try this steps and try to load the same once again!!!
Hello,
Many site issues can be caused by corrupt cookies or cache. In order to try to fix these problems, the first step is to clear both cookies and the cache.
Note: ''This will temporarily log you out of all sites you're logged in to.''
To clear cache and cookies do the following:
#Go to Firefox > History > Clear recent history or (if no Firefox button is shown) go to Tools > Clear recent history.
#Under "Time range to clear", select "Everything".
#Now, click the arrow next to Details to toggle the Details list active.
#From the details list, check ''Cache'' and ''Cookies'' and uncheck everything else.
#Now click the ''Clear now'' button.
Further information can be found in the [[Clear your cache, history and other personal information in Firefox]] article.
Did this fix your problems? Please report back to us!
Thank you. -
Little more can be added to the above. The warning screen says, 'A copy of Firefox is already open. Only one copy of Firefox can be open at a time.'
I have gone though all the libraries and preferences I can find and removed everything to do with Firefox and Mozilla - it was the first install of Firefox on this drive.Do a clean (re)install:
* Download a fresh Firefox copy from http://www.mozilla.com/firefox/all.html and save the file to the desktop.
* It is important to delete the Firefox program folder to remove all the files and make sure that there are no problems with files that were leftover after uninstalling.
Your bookmarks and other profile data are stored elsewhere in the [http://kb.mozillazine.org/Profile_folder_-_Firefox Firefox Profile Folder] (not in the Firefox program folder) and won't be affected by a reinstall, but make sure that you do not select to remove personal data if you uninstall Firefox. -
I'm having a lot of issues with firefox and cannot figure out how to get help. It began when I updated to 13. I get all kinds of ad popups, I cannot play one game on FaceBook called Farm Town at all, and I keep getting an AVG popup about cookies that I cannot get rid of. These issues are causing me to use Chrome very often even though I like Fox better. I've searched and searched how to get help and cannot find anything. How does one get personal technical help?? These issues do not happen in Chrome at all. Thanks.
Do a malware check with some malware scanning programs on the Windows computer.<br />
You need to scan with all programs because each program detects different malware.<br />
Make sure that you update each program to get the latest version of their databases before doing a scan.<br /><br />
*http://www.malwarebytes.org/mbam.php - Malwarebytes' Anti-Malware
*http://www.superantispyware.com/ - SuperAntispyware
*http://www.microsoft.com/security/scanner/en-us/default.aspx - Microsoft Safety Scanner
*http://www.microsoft.com/windows/products/winfamily/defender/default.mspx - Windows Defender: Home Page
*http://www.safer-networking.org/en/index.html - Spybot Search & Destroy
You can also do a check for a rootkit infection with TDSSKiller.
*http://support.kaspersky.com/viruses/solutions?qid=208280684
See also:
*"Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked -
Site can't be viewed with IE, works with Firefox and Chrome
I have a family site that works fine with Firefox and Chrome, but with when we created a new page and uploaded it, it can't be viewed with IE.
http://www.thetravelintexans.com/states.htm was modified to add the very last picture in the last row, it was uploaded and works fine.
If you click on the last picture Andrew at Disney, it takes you to this page http://www.thetravelintexans.com/AndrewsDisney.htm . This page acts like it is loading in IE, but quickly says Done at the bottom of the screen, but it is blank. The source code can be viewed, but no detail of page at all. Again, it works fine with Firefox and Chrome.
I am using Dreamweaver CS4.
Thanks for any hints.
Fred BlairIE does get a bit anxious when it does not have DOCTYPE to work to. It tends to fall back into a quirks mode and behave irrationally. Makes me think of myself when I do not have goalposts to aim for.
Solution, merely give your pages a valid DOCTYPE and all is well. For more info see here http://validator.w3.org/check?verbose=1&uri=http%3A%2F%2Fwww.thetravelintexans.com%2FAndre wDisney.htm
Gramps. -
AVG tried to take over the Firefox Program. I unchecked some stuff on AVG and now Firefox doesn't look right. There is only a bar at the top of the page with "Firefox" and "new Tab" . How do I get the Firebox homepage back?
Google Toolbar Options, in the Search tab, make sure that '''Enable the Google new tab page''' is check-marked. If that doesn't fix it for you, see this for support information about the Google Toolbar. <br />
[http://www.google.com/support/toolbar/?hl=en] <br />
Or visit the Google Toolbar forum. <br />
[http://www.google.com/support/forum/p/Toolbar?hl=en]
As far as your UserAgent showing Firefox 3.0.11, see this: <br />
https://support.mozilla.com/en-US/kb/Websites+or+add-ons+incorrectly+report+incompatible+browser
You might want to consider getting rid of that '''desktopsmiley''' program that has messed up your UserAgent, it is known as Malware. -
Whatsnew page for 3.6.17 has formatting problems with Firefox and I.E.
I just updated from 3.6.16 to 3.6.17n and the whatsnew page, displayed after Firefox restarted, has formatting problems in the lower right hand corner.
I checked it with I.E. 8 and it also shows the formatting problem.
Why wasn't this caught before the page was put into "production"?
The URL is http://www.mozilla.com/en-US/firefox/3.6.17/whatsnew/
There is a line with the text "Release Notes » Firefox Features » Firefox Help »" that is being displayed on top of other material.
I wonder what a new Firefox user or an inexperienced user would think of this? They might think that they did something wrong or, worse, they might consider Firefox had problems and they won't use it.
This reflects badly on Firefox.
One more thing, could someone make this textarea taller and wider. It is so small as to cause problems typing and proofing the material.
The URL is https://support.mozilla.com/en-US/questions/new?product=desktop&category=d6&search=whatsnew+page+for+3.6.17+has+formatting+problems+with+Firefox+and+I.E.&showform=1
How about upping the cols and rows values? They are currently rows="10" cols="40"As you have a Power Mac you also have a alternative option to consider which is a third-party build from http://tenfourfox.blogspot.com/2011/08/601-now-available.html
-
When I opened Firefox, I found it automatically updating and trying to see if my add-ons could be updated. After I cancelled this because I didn't want this to happen, nothing is loading. It is not an internet connection issue because I am using Internet Explorer. I am sick of all the crashes and nonsense with Firefox and the constant badgering to update, when I DO NOT WANT TO. I am happy with the version I have and last time I updated I found it almost impossible to go back. Going to switch to Google Chrome
Thanks for the reply.I deleted an app to try your suggestion but as I can't download I have now lost that ap.I don't have it in 'purchased apps' now either as I downloaded it from my iTunes backup from my ipad 2 and that is not showing up any of my purchased apps either.This is a nightmare.Guess I'll have to go back into my iMac and try another backup but then I'll be back to square one.
-
Is there a compatability issue with Firefox and Andriod operating system 2.2.3? I can't get Firefox to work. I have tried uninstalling it and it won't download. in English
Hi Drbobdog, there shouldn't be a compatibility with Android OS 2.2.3. There may be a compatability with the device itself.
Here are the system requirements:
https://wiki.mozilla.org/Mobile/Platforms/Android#System_Requirements
(also seen here as well : http://www.mozilla.org/en-US/mobile/platforms/ )
I hope this helps. -
Printing from web pages is excruciatingly slow since downloading most recent upgrades of Firefox Mozilla. I have a desktop iMac, OS 10.6.8, and an HP officejet printer 4500 G510n. The printer works fine with the Safari Browser and with woodprocessed files, but not with Firefox and web pages. Help please! It used to print fast with earlier versions of Firefox.
Hello and welcome to the Apple Discussions Forum.
I have hardly any experience with HP printers but since your posting has not been replied to yet I thought I'd offer some assistance.
With the printer status and ink levels working, it shows that you have a connection to the printer. So I would look at the issue being with the protocol being used for the print queue on the Mac.
Since you have XP and Vista working, I would check the printer queue configuration on either box. In XP, go to the Properties and select Ports. Click the Configure Port tab to view the connection. If you are using RAW, then this is known as HP Jetdirect-Socket on OS X. So if you are not sure what protocol was used before I would create another printer queue, this time selecting IP > HP Jetdirect-Socket. Then enter your IP address and select the K5400dn from the Print Using menu.
If this still fails to print then please reply. There may be limitations with adding the HP driver this way that I am not aware of. There may also be other driver options you can look at, such as HPIJS. If Greg Sahli reads this posting he has expert knowledge on this matter and will be able to offer some guidance.
PaHu -
Image cache not working with Firefox and apex
Hi,
I'd like to cache all my images to save page rendering time and bandwidth because my images are all static and never change.
I use the John Scott's caching technique Link: [http://jes.blogs.shellprompt.net/2007/05/18/apex-delivering-pages-in-3-seconds-or-less/], in a few words this technique consists of adding a header line "Expires: date in the future" in the http response.
It works very well in IE, the images are cached and the same image can be accessed several times (within the same session or in different sessions) without issuing an http request to the server each time.
with Firefox it does not work, the same image is asked again and again to the server (i'm using FF 3.5 and APEX 3.2).
- Is it a date format problem? no, because when i type about:cache in FF, i can find my image in the cache with an expire date in the future.
The weird thing here is that the counter is incremented each time u request the image, so FF knows it is in the cache and even if the expire date is in the future, FF asks it again to the server.
- Is it a FF bug? If u read the http specs or if u google a little, u can come to the conclusion that FF does not follow the standards,
but... images.google.com for example manages to get its images cached with FF.
They use an http response header "cache-control: public, max-age=604800".
I tried the same and all kinds of combinations but without success.
When i compare my image with the one from google in the FF cache, they both have the same attributes.
- It's not an apex issue neither because it works with IE, most probably an incompatibility between apex and FF?
Maybe the use of cookie? or the http request (not the response) containing "cache-control: max-age=0"?
I've found so far 2 half solutions:
1) use ETag and modified date, see the Tyler Muth's note Link: [http://tylermuth.wordpress.com/2008/02/04/image-caching-in-plsql-applications/].
with this technique FF continues to send request each time but the answer is shorter because it's just a "304 not modified" instead of "200 OK" (200 response is bigger as it contains the image).
it's better than nothing but you still have 1 request + 1 response for nothing.
Another problem is that you need SYS access to implement this, which is not possible on an hosted server. (note that for images from the file system it is already foreseen by apex 3.1, Tyler's note is for images from the db)
2) if you preload the image (using myimage=new Image();myimage.src='...';), then there is max 1 request per browser session.
There are 2 minor issues here:
- no caching across sessions
- if u don't want to preload all the images (example a page with lots of thumbnails, when user clicks it show a bigger image, in that case the thumbnails can be preloaded but overkill for the big images), then you need to load the image, wait until the image has loaded before displaying it, it does not slow down the execution, but requires some extra JS.
I'm not asking anyone to investigate it, i can live with the 2 workarounds,
but just in case someone encountered the same problem and already fixed it.
Let me know if u managed to use the John Scott's technique with Firefox. (U can use Firebug to see the http traffic)
Thx
TimHi Anshul, hope these help. Let me know if you need to see anything else.
Best,
Menu Settings:
Tab Hyperlink:
Label Text with with hyper link option not available (works as a hyperlink in chrome and IE though):
Thanks for the help in advance! -
eBAY has stopped working the way it used to with Firefox, my browser. Sort, enlarge photo, watch this item - they all don't work anymore.
== URL of affected sites ==
http://ebay.comFirefox 3.6.4 and 3.6.6 use a process called, "plugin-container.exe" which was using up most of my CPU when I opened up multiple tabs that contained Adobe Flash files, and caused Firefox to lock up.
My solution was to use Firefox 3.5.10 which you can get from the Mozilla website at [http://www.mozilla.com/en-US/firefox/all-older.html]
I am using Adobe Flash 10.1.53.64 without any problem in this version of Firefox. Check the release notes, I believe it contains all the latest security fixes in "Firefox 3.6.4".
Hopefully, they will fix Firefox 3.6 in the next version (e.g. Firefox 3.6.7), until then you should probably use "Firefox 3.5.10". -
Problem with firefox and gtk applications in KDE!
Hi there, i have my arch installed and it's great, i use kdemod that is quite perfect but i have a problem: all the gtk applications like firefox, eclipse, emesene and so on are terrible looking expecially the fonts. Here what I've done:
1) installed kdemod-gtk-qt-engine and configured to use qt theme and it's better
2) enabled fonts with antialiasing and hinting
3) installed fonts for lcd like cairo-lcd
4) installed microsoft fonts
But stille it's ugly and it's impossible to use the apps, here's a screenshot:
The point is that i can't use konqueror because i need some plugins like googlebrowsersync that doesn't exist for konqueror. And in other distros like n00buntu it works.
Thanks for your help!pelle.k wrote:
I can relate to what borzo is saying, because i have exactly the same problem.
See, i have installed libxft-lcd and enabled antialiasing and sub-pixel hinting in kde font properties. All kde fonts look great. Now, i usually the exactly the same in gnome "Appearance" font settings (when i use gnome).
The thing is when you have KDE installed you can't set antialiasing and sub-pixel hinting for *GTK* apps, even if you can set a theme and font size with gtk-chtheme/.gtkrc
This has nothing to do with how firefox renders fonts, really, but how GTK fonts a drawn in KDE since gnome-settings-manager isn't running, and thus GTK apps get crappy fonts (including firefox html rendering).
So, how can i enable antialiasing and sub-pixel rendering specifically for GTK apps in KDE without running gnome-settings-manager?
I know this is an old thread, but I'm still having exactly the same problem. I've been fiddling with fonts for a whole week now. Fonts in KDE apps look great, but crappy in GTK-apps like Thunderbird and Firefox. Like Pelle asked: how can I set aintialiasing and sub-pixel redndering for GTK apps? When running Gnome the fonts in GTK-apps look so much better. I wanna use my shiny new KDE 4 desktop, though.
Maybe you are looking for
-
1.6.0_24 on XP worked now 1.6.0_29 on 7 doesn't work
I have a question for the community. I don't know everything there is to know about java, so please forgive me. Here it is: We are upgrading from 32bit winxp sp3 to 64bit Win7. We have to access certain Cisco managers, and we used to authenticate to
-
Iphoto 9.2 crashes when importing photos
iPhoto crashes when importing all picture formats, .jpg etc. from any source. iPhoto 9.2 is same as iPhoto 11 (part if iLife) Solution to problem is to ininstall or trash a 3rd party app called 3ivx. Look in Applicaton folder. Also look in library>ap
-
hai all i am using oracle 9.0.1.1.1 in windows, i have two tablespace & two datafile, tablespace name is Comm1,Comm2. each tablespace have ten tables. In comm1 tablespace one table name in employee_master. it have 100 rows. i have backup, after that
-
text appears blurred only in certain areas. When you mouse over the text or highlight the text then remove the highlighting the text becomes crystal clear or sharp and will stay that way.
-
How do I download to another computer?