I got it, and if you're involved with technology, you got it by now. SSL3 is bad, we get to be intercepted, poodle, whadawhada.
However, geeks, developers, admins, coders, whatever we are and work for and in our larger or smaller enterprises, need to check web apps over https://my-host-or-ip/my-other-url and be in after authentication. For one reason or another, to check functionality or simply curious or "whatever you need". Routers, devices, even old .wars/.ears deployed on older web containers, again, WHATEVER.
This intro is somehow a rant because I just wasted about one hr of my time trying to get into a whatever old app. And could NOT, because in the virtual where trying (smaller disk size) I only had Firefox latest version (45.0.1 at this time) which I want to update and keep it updated.
But then, what to do with my legacy crapware ?
Turns out there's a simpler solution. Grab an old Firefox. version 31.8.0esr downloaded from
http://ftp.mozilla.org/pub/firefox/releases/
As an archive in Downloads, uncompress, run from there, be done with that.
Why did I spend one hr to find this ? because yes, I wasted time with about:config
security.tls.version.min;0
security.tls.version.fallback-limit;0
in latest Firefox 45.x and most likely above.
For browser developers: keep your old versions available, as years pass by us and technical debt accumulates, you'll be sparring yourself some curses from people like me just wanting to use a freaking browser to get into a web app..... no matter how insecure....
No comments:
Post a Comment