Re: Adding a test only option to the NSS server to disable sending the renego extension

Hi Julien, Thanks for the response. I tried all of the relevant options for SSL_ENABLE_RENEGOTIATION, but none of them seemed to work. Reading the descriptions, it looks like these options have more to do with how NSS reacts to peers that send or don't send the renego extension. Unfortunate

Re: Adding a test only option to the NSS server to disable sending the renego extension

|You can read about the following environment variable NSS_SSL_ENABLE_RENEGOTIATION at |https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Reference/NSS_environment_variables This may be all you need to set

Re: ssl_error_weak_server_cert_key

Sounds like your server is using a weak key :) Firefox currently requires both RSA and DH keys to be at least 1023 bits long. https://dxr.mozilla.org/mozilla-central/source/security/nss/lib/ssl/sslimpl.h#158 The way to permanently fix this problem is to reconfigure the server, either with longer

ssl_error_weak_server_cert_key

Please has anyone been able to figure the issue with FF ssl_error_weak_server_cert_key. Since I upgraded I cant seem to connect to my Oracle 11g enterprise Manager on my virtual box. its not accepting the localhost.localdomain:5500/em/. My oracle OCP exam is about a week from now and i can