firefox — can't connect securely … security protocol not enabled 

In an effort to keep the web communication secure the web browser support for older, inferior, security protocols gets phased out over time. This encourages web server administrators to employ up to date security protocols. Unfortunately, this is not always successful and some web servers still employ older and weaker protocols. If you have no alternative but to use a less secure service this post explains how to enable older security protocols in the firefox web browser.


I do rely on such a service and when I try to access it from a default install of firefox 2.0 I get the following error message.

Firefox can't connect securely to ...
because the site uses a security protocol which isn't enabled.

Below is a corresponding screenshot.

Firefox: can't connect securely to host because the site uses a security protocol which isn't enabled

On the other hand, in the older version of firefox (version 1.5) this service worked by default. If one was to disable the less secure protocols in the older version of firefox, then the following error message would be produced.

Firefox and ... cannot communicate securely
because they have no common encryption algorithms.

And here is the screenshot.

Firefox: cannot communicate securely ... no common encryption algorithms

Advanced configuration of the firefox web browser is simple. To view the available settings in the firefox web browser type the following in to the URL (address) bar.

about:config

There are a lot of settings. A filter box is provided at the top of the page to help you norrow down the list. Type in the following string into the filter box to norrow down the list to the few protocols of interest.

ssl3.rsa

Below is a screenshot of the web browser after filtering.

Firefox: about:config ssl3.rsa


The web service I use requires the following protocol to be enabled.

rsa_rc4_40_md5

You can change the default setting from false to true by double clicking. The result is shown below.

Firefox: about:config security.ssl3.rsa_rc4_40_md5

Browsing again to the weakly secured website results in a warning message shown below.

You have requested a page that uses low-grade encryption.
The web site has identified itself correctly, but information you see
or enter on this page could be read by a third party.

Alert me whenever I am about to view a page that uses low-grade encryption.

Also shown in the following screenshot.

Firefox: you have requested a page that uses low grade encryption

But at least it is now possible to use the service.

Firefox: security.ssl3.rsa_rc4_40_md5 enabled

You can configure what security warning messages get displayed by going to:
Edit » Preferences » Security » Warning Messages » Settings.

Firefox: edit preferences: security warning messages

That's it. Enjoy!


Did you find the above information useful and interesting? If so, please support this site by using the blog directory links at the bottom of this page. Thanks for your support!

If you have any Linux related problems or questions then please feel free to post them on our Linux Forums: http://linux.dsplabs.com.au/forums.




VPS Hosting Referral Code DZZCC3

Add me to Technorati Favorites Vote for me on Blog Catalog

7 Responses to “firefox — can't connect securely … security protocol not enabled”

  1. cokex Says:

    Since everyone shows how to fix the client, I thought I'd show how to fix the server ..

    Here is the server fix .. the issue is with the cipher string in httpd.conf not allowing enough protocols..

    :: SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    :: #SSLCipherSuite "RSA:-HIGH:-MEDIUM:-LOW:+EXP"

    The commented out line is the default that was in the .conf file, the new line adds a few more cipher strings and allows the client to communicate with the server correctly.

    This works for me, and I didn't really dig into the security of it, so have fun ..

  2. Kamil Says:

    Great, thanks for that!

  3. UNIX Guru Says:

    Thanks much for this entry. I was going nuts trying to connect to an IBM AIX server's HCM port. Enabling rsa_null_md5 did the trick.

    It sure would be nice if Firefox told you WHICH protocol it was trying to speak. I had to trial-and-error each disabled protocol until I found one that it accepted and worked properly.

  4. pink_life Says:

    hi! i've got the "thunderbird can't connect securely to …because the site uses a security protocol which isn't enabled." error. can i apply the same solutions? pls help…thanks! =)

  5. Kamil Says:

    hi there! the same solution applies also to thunderbird! :D to access the config editor go to:

    Edit > Preferences > Advanced > General > Config Editor…

    from there type in ssl into the filter and enable the security protocol you need. now, I know that unfortunately the error message is not very descriptive and it does not tell you exactly which protocol isn't enabled… so you will have to try enabling different ones to see which one works for you. as a starting point enable security.ssl3.rsa_rc4_40_md5 and if that does not work then try other ones untill you find the one your mail server uses.

    ohh and please post back what worked for you, cheers

  6. pink_life Says:

    hi! thanks for the help! =) i did what you told me and now my thunderbird is ok. i only enabled the security.ssl3.rsa_rc4_40_md5. i don't really know what caused it to be disabled but im glad its working now! thanks again!

  7. anon Says:

    lots of investigating, troubleshooting, no success until coming across this solution; thanks!

Leave a Reply