Saturday, April 16, 2016

SSL3 - workings for legacy crapware

I got it, and if you're involved with technology, you got it by now. SSL3 is bad, we get to be intercepted, poodle, whadawhada.

However, geeks, developers, admins, coders, whatever we are and work for and in our larger or smaller enterprises, need to check web apps over https://my-host-or-ip/my-other-url and be in after authentication. For one reason or another, to check functionality or simply curious or "whatever you need". Routers, devices, even old .wars/.ears deployed on older web containers, again, WHATEVER.

This intro is somehow a rant because I just wasted about one hr of my time trying to get into a whatever old app. And could NOT, because in the virtual where trying (smaller disk size) I only had Firefox latest version (45.0.1 at this time) which I want to update and keep it updated.

But then, what to do with my legacy crapware ?

Turns out there's a simpler solution. Grab an old Firefox. version 31.8.0esr downloaded from

http://ftp.mozilla.org/pub/firefox/releases/

As an archive in Downloads, uncompress, run from there, be done with that.

Why did I spend one hr to find this ? because yes, I wasted time with about:config

security.tls.version.min;0
security.tls.version.fallback-limit;0

in latest Firefox 45.x and most likely above.

For browser developers: keep your old versions available, as years pass by us and technical debt accumulates, you'll be sparring yourself some curses from people like me just wanting to use a freaking browser to get into a web app..... no matter how insecure....
Post a Comment

Disclaimer: The information in this weblog is provided "AS IS" with no warranties whatsoever, and confers no rights to any institution/person/organization. These are my personal thoughts and ideas. When I am inspired by others I give credit, I do not assume other's work and efforts. This site is NOT supported, approved, blessed etc. by Lotus Software and/or IBM Corporation.

Creative Commons License

This work is licensed under a Creative Commons Attribution 3.0 License.