Talk:Necko:SSL v2 Sites
From MozillaWiki
FWIW, I've asked 1&1 support about the missing SSLv3 support and got this response:
die Zertifikate werden von geotrust.com angeboten/erstellt. Diese Instanz bietet SSL2-Zertifikate an, eine Umstellung auf SSL3 ist uns bisher nicht bekannt.
That is: geotrust.com, who provides the SSL certificates for 1&1, offers only SSL2 certificates. Transition to SSL3 is not available as yet nor planned. Wo 09:05, 19 May 2005 (PDT)
- I find that really hard to believe. Although I can't find anything that says one way or the other from their website, they have a whitepaper describing their service that happily points out that SSLv3 exists and was introduced 6 years ago, although it doesn't come right out and say they're using it. However, the following command line tells me:
$ openssl s_client -connect www.geotrust.com:443
[...]
Certificate chain
0 s:/C=US/O=www.geotrust.com/OU=See www.geotrust.com/quickssl/cps (c)02/OU=Domain Control Validated - Organization Not Validated/CN=www.geotrust.com
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
[...]
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 1024 bit
SSL-Session:
Protocol : TLSv1
Cipher : RC4-MD5
- Which says they're using a certificate they issued to themselves, which is using SSLv3. --Justdave 19:29, 19 May 2005 (PDT)
Removed from the page:
Now https://webmail.versatel.de/horde/imp/, works fine.
This was a server configuration error, fixed 20th August 2005
--TBBle 2005-08-30 14:09 +1000
