# HELP - firefox weak public key cert

## Moriah

I have network infrastructure devices that use https to connect the management interface.  They are old (5+ years).  After latest update to firefox, I can no longer connect to them, which is a BIG problem.  I cannot even update them if I cannot connect to them.  Besides, I doubt there is, or will be for quite some time, any update to them to address this problem.

When I try to connect with firefox, I get:

```

Secure Connection Failed

An error occurred during a connection to xxx.xxx.xxx.xxx. The server certificate included a public key that was too weak. (Error code: ssl_error_weak_server_cert_key)

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

    Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.

```

This is a *BIG* problem!!!

Is there any way to over-ride firefox's desire to "protect" me?  I really need to access these devices.

----------

## eccerr0r

Try an old version of firefox?  or try epiphany or ??

It looks like there will be no patches to firefox to "fix" this, you'll have to devise one on your own for yourself.  Probably could look for a "if keysize less than 1024 then abort" and remove that... Not recommended if you're not accustomed to code hacking.

Seems the longterm fix is to regenerate the server's SSL key to a larger keysize but likely you still need to log in first...

----------

## Moriah

It's an embedded system.  It is a remote controlled power strip so I can re-boot a hung machine from far away -- in this case about 400 miles away.  I will need to make a trip to upgrade the software in the device, if an upgrade is even available.  The fine folks at Mozilla are trying to strongarm people into fixing old servers, but they forgot about all the little embedded devices that might not have upgrades available yet.  Some of these devices control our networks.

I'm thinking it's time to break a 20 year relationship with firefox et al.  I would have no problem with this setting being the default, and providing a way to over-ride it, but apparently they did not provide such a way.  They probably just lost a long time customer.  A similar screw-up by redhat 11 years ago is why I now use gentoo.

Maybe I can work around the problem with lynx -- good old scriptable lynx!

----------

## eccerr0r

Apparently Chrome did the same thing.  Don't know, a lot of things can be said to be doing this, it's not just firefox.

Then again, it's easier to blame the free software than the hardware...

Lynx and Links are good, maybe even Dillo would support 512 byte keys.  I just hope that it's not using any javascript...

----------

## charles17

 *Moriah wrote:*   

> Is there any way to over-ride firefox's desire to "protect" me?  I really need to access these devices.

 Did you try with security.ssl3... settings as mentioned in bug 1180526?

----------

## Moriah

I just read the entire bug report.  The firefox people have made a terrible mistake, and it will cost them their business if they don't fix it quickly.  A very large number of people are very upset about this.  Time to trash firefox, but what to replace it with?  Certainly not chrome; google is using that as a spyware tool.  Any suggestions?

----------

## eccerr0r

If all browsers are doing the same thing... I'm not sure if it's a mistake, it's more of a nuisance to people who can't upgrade an obsolete piece of software...

Not sure what to say, the only way to "encourage" people to stop using broken software is to stop supporting it.  If they continued to support it, nobody would ever have any reason to upgrade.  The workaround has been around for a while, it just kept on being used instead of being an interim to fixing the obsolete software.

----------

## Moriah

You are thinking like a software developer, not a systems administrator.  We are not talking about emerging a new version of a piece of software.  We are talking about little sealed boxes that perform a specific and important function, but that might not be upgradable.  They can be protected in other ways besides the length of their diffie-hellman key.  They can be behind firewalls with up to date diffie-hellman keys.  They can cost a lot of money to replace.  You are telling me because of the whim of some browser developer I have to go replace a bunch of remote power controllers that cost several hundred dollars each, and that each require a field trip to the remote location where they are deployed.  So that's $400.00 for the device, $300.00 for a plane ticket, $60.00 to rent a car, $50.00 for food while travelling, plus $800.00 for the engineer's time for a day, not to mention the cost of slipping the schedule on the project he was supposed to be working on before the browser imposed itself and forced this to occur.  That's $1610.00 per device.  Now how many of these devices need to be replaced.  Oh yes, if the device needs to be replaced with a new device that behaves differently over the network, we also have to rewrite all the software that talks to these devices in a scripted manner.  I have 4 of these kinds of devices.  You want to force me to spend a week of my time and $6440.00 just because you think I should do this?  GO SUCK EGGS!!!

It's new browser time.  Any browser that tries to force me to do something like that has just ceased to be useful.    :Evil or Very Mad:   :Evil or Very Mad:   :Evil or Very Mad:   :Evil or Very Mad:   :Evil or Very Mad:   :Evil or Very Mad:   :Evil or Very Mad:   :Evil or Very Mad:   :Evil or Very Mad:

----------

## ct85711

During my searches on this, you will encounter the same issue on most (if not all the major browsers) in that they all agreed to stop supporting the weak keys; this is including windows too.  So in this case, it's more of the browser industry as a whole made the change (iirc this change was made several years ago too).

----------

## eccerr0r

There is an easy solution: Old firefox and old versions of other browsers are still available.  You decided to take the convenience/cost savings of keeping an old piece of hardware, then you get the inconvenience of an old piece of software.  Can't have it both ways if you don't know how to code.  Yes this is the idea of the software developer and also is forward progress else we'd be stuck with old standards forever, and likely someone's going to think it's OK, and people continue to make hardware with old standards because it works with the new browser...

Someone needs to break the chain.

----------

## Moriah

I do know how to code, been doing it since 1967.    :Cool: 

I develop safety critical realtime embedded systems as an independent consultant, been doing that since 1986.

But I don't want to have to re-hack every new update to firefox that comes along.  Failure to take updates can open real security holes -- ones I definitely want to close.

I think they should have made it so that the default would be the behaviour they have now: refusal to connect, but allow for a selective override of that default on a per ip address basis.  They can even threaten me with dire warnings if I invoke the override.  Just let me do it when I know what I am doing.  It's my browser (my copy at least), and my network, and my responsibility to see that it all works together to serve its intended purpose.  Let me decide.

PS:  I do not want a self-driving car either.  In fact, I prefer a manual transmission to an automatic most of the time.

----------

## eccerr0r

 *Moriah wrote:*   

> But I don't want to have to re-hack every new update to firefox that comes along.  Failure to take updates can open real security holes -- ones I definitely want to close.

Yup sorry Charlie.

Take it or leave it.

----------

## Moriah

I think I'm going to leave it, or at least start shopping around for another browser.    :Sad: 

----------

## Hu

As eccerr0r noted above, if there is any supported way to keep using the old devices, the operators of those devices will recommend that users configure for low security instead of fixing the device.  We saw the same problem with Javascript: "No true Scotsman would ever turn off Javascript, so we'll just design everything to require it to be on.  Anyone who complains is not a true Scotsman, and will be told to turn it on, because it costs us extra effort to make a site that works well for all browsers."  I agree that your situation makes this very unpleasant, and you have one of the more compelling stories I have read for the sheer difficulty of upgrading the devices.  The more typical problem is with sites that insist on running ancient Red Hat or ancient Windows Server.

As a Gentoo user, you are at least better positioned than most to apply a software patch to undo the restriction.  Users on binary distributions would have to recompile locally, and their environments are generally not as readily suited to that as Gentoo.

----------

## Moriah

I did better than that; I phoned the vendor of the offending deprecated devices and asked them if they had a firmware upgrade available.  They indicated that they knew there was a problem with new versions of Internet Explorer, but did not know about firefox, nor did they understand exactly the cause.  I pointed them to this thread, and they thanked me profusely!    :Very Happy:

----------

## Hu

That is good to hear.  I expected that the vendor would have no interest in resolving the problem on an old device and/or that the device was not sufficiently upgradeable that the vendor could help you.  In the interest of providing an interim workaround, which I must stress is neither tested nor good for security, I looked into this on the Firefox side.  The restriction is implemented in NSS, not in the Firefox core.  This is good for people who want to patch it out, since NSS is smaller and takes less time to rebuild.  The restriction was added in *NSS accepts export-length DHE keys with regular DHE cipher suites ("Logjam")*.  Based on the proposed patch, I found that SSL_ERROR_WEAK_SERVER_CERT_KEY is a new constant added for the purpose of reporting insecure keys.  It is only referenced once.  You should be able to bypass the restriction with the below patch, which reduces the minimum key length to 128 bits.  This leaves you vulnerable to the original Logjam security problems.

```
[base64-encoded copy of the patch shown in the next block]
```

```

--- nss-3.19.2/nss/lib/ssl/ssl3con.c

+++ nss-3.19.2/nss/lib/ssl/ssl3con.c

@@ -10058,7 +10058,7 @@

                 (pubKeyType == dsaKey &&

                  ss->sec.authKeyBits < SSL_DSA_MIN_P_BITS) ||

                 (pubKeyType == dhKey &&

-                 ss->sec.authKeyBits < SSL_DH_MIN_P_BITS)) {

+                 ss->sec.authKeyBits < 128   /* allow some weak keys, but reject very tiny keys; this is bad for security, but some users may need it */)) {

                 PORT_SetError(SSL_ERROR_WEAK_SERVER_CERT_KEY);

                 (void)SSL3_SendAlert(ss, alert_fatal,

                                      ss->version >= SSL_LIBRARY_VERSION_TLS_1_0

```
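
Review bot: The replacement condition in the `dhKey` branch swaps the named constant `SSL_DH_MIN_P_BITS` for a bare literal 128, and nothing in the visible condition limits the lower floor to particular peers, so every DHE handshake made through a library built with this change accepts parameters down to 128 bits. If the change has to be carried locally, give the relaxed floor a named constant of its own so it is easy to find and revert on the next NSS update, and move the explanatory comment onto its own line above the condition instead of embedding it inside the expression. The DSA comparison against `SSL_DSA_MIN_P_BITS` is unchanged by this hunk; saying so in the comment would keep a later reader from assuming every minimum was relaxed.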

The first block is encoded to prevent whitespace mangling.  The second block is plain so that people can read it without decoding first.
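
An added example, not part of the original post and not NSS or Firefox code: a defender-side audit that reads the key-size lines printed by `openssl s_client` and lists the devices whose DHE parameters or certificate key fall below a floor, so they can be found before a browser update locks them out. The host names, the sample output and the 1024-bit floor are constructed assumptions.

```python
import re

# Assumed floor in bits for finite-field keys. The thread does not give the
# value of NSS's SSL_DH_MIN_P_BITS, so set this to the limit you must meet.
MIN_BITS = 1024

# Key-size lines as printed by `openssl s_client -connect HOST:443`.
DH_TEMP_KEY = re.compile(r"^Server Temp Key: DH, (\d+) bits", re.M)
# This line does not name the algorithm; the floor is meaningful for RSA/DSA
# keys only, so an EC certificate would need separate handling.
CERT_KEY = re.compile(r"^Server public key is (\d+) bit", re.M)

# Constructed sample output for three hypothetical devices.
SAMPLE = {
    "pdu-1.example": "Server Temp Key: DH, 512 bits\nServer public key is 1024 bit\n",
    "pdu-2.example": "Server public key is 512 bit\n",
    "switch-1.example": "Server Temp Key: ECDH, P-256, 256 bits\n"
                        "Server public key is 2048 bit\n",
}


def weak_keys(s_client_output, min_bits=MIN_BITS):
    """Return [(kind, bits)] for each key below min_bits in one host's output."""
    found = []
    # Only finite-field DH is matched; ECDH sizes are on a different scale
    # and must not be compared against the same floor.
    for kind, pattern in (("DHE parameters", DH_TEMP_KEY),
                          ("certificate key", CERT_KEY)):
        match = pattern.search(s_client_output)
        if match and int(match.group(1)) < min_bits:
            found.append((kind, int(match.group(1))))
    return found


def audit(hosts, min_bits=MIN_BITS):
    """Map each host that has at least one weak key to its findings."""
    report = {}
    for host, output in hosts.items():
        found = weak_keys(output, min_bits)
        if found:
            report[host] = found
    return report


if __name__ == "__main__":
    for host, found in audit(SAMPLE).items():
        for kind, bits in found:
            print(f"{host}: {kind} is {bits} bits, below {MIN_BITS}")
```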

----------

## Moriah

I will stay with my current workaround, which is turning off ssl on the offending device.  It is password protected, and behind 2 firewalls, and very infrequently used, so I can live with it for a little while until my vendor issues a patch to the outlet strip.

----------

