Improving the HTTPS of Firefox using and about:config

The web site HowsMySSL gives Firefox 26.0 a score of BAD. That’s not good.

Here’s how to fix it.

Type “about:config” in your broswer URL bar. This goes to the configuration page for Firefox. When you get a warning, ignore it.

Enable TLS 1.2, and disable TLS 1.0

Search for “tls”. and you will see the following entries


Double-click on the “max” value and change it to “3”

Double-click on the “min” value, and change it to “1”

That fixes the TLS problem.

Eliminate 3DES from your cryptosuite

search for “_des_” – and you should see this list:


Double-click each one, setting them to “false”

3DES (Triple DES) is an obsolete encryption algorithm. It should not be used.

Now go back to and you should pass this time.

I’d like to thank for his blog post:

[Update – Brian Pardy’s Blog post has some more tips ]

This entry was posted in Security and tagged , , , , . Bookmark the permalink.

One Response to Improving the HTTPS of Firefox using and about:config

  1. mrmarm says:

    For “eliminate 3DES”, if I only disable security.ssl3.rsa_fips_des_ede3_sha, it passes the test.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s