Pedro DeKeratry wrote: > Hi, > > The company I work for produces an embedded device that contains an > SSLv3/TLSv1.0 implementation. Firefox 1.5.x performs HTTPS just fine > with our device, however, Firefox 2.0.x does not. The browser sends a > RST at the end of nearly every initial SSL handshake. > > How do I enable SSL debugging output from Firefox's side? I need to > know exactly what it is FireFox doesn't like. > > Pedro
SSL Debugging output is only available in DEBUG builds of NSS, not in the builds that are normally distributed with FireFox. Rather than starting there, I recommend that you start with the utility ssltap. http://www.mozilla.org/projects/security/pki/nss/tools/ssltap.html http://lxr.mozilla.org/security/source/security/nss/cmd/ssltap/ssltap-manual.html ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_11_4_RTM/README ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_11_4_RTM/Linux2.6_x86_glibc_PTH_OPT.OBJ/nss-3.11.4.tar.gz ftp://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_11_4_RTM/msvc6.0/WIN954.0_OPT.OBJ You run it and point it at your server. Then you tell your browser to connect to ssltap. The result is a detailed trace of the SSL handshakes. e.g. for server on serverhost port 443, and browser on localhost, do ssltap -sxlp 9999 serverhost:443 Then in browser, visit https://localhost:9999/ _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
