I have an issue on Firefox, meta.discourse.org doesn’t work, Firefox seems to block the website with an error message : the connection is not secure
NS_ERROR_NET_INADEQUATE_SECURITY
(The rest is in french)
On 1 of 10 refresh, I have another error message
SSL_ERROR_ILLEGAL_PARAMETER_ALERT
Is it only me ?
(No problem at all on Chrome, Opera, Windows Phone)
Which version of Firefox are you running? I’ve recently made some changes to the SSL config to mitigate the sweet32 attack, so perhaps I poked something else accidentally. A translation of the French error message might be useful, too, even if it’s just a quick Google Translate job – hopefully the gist of it will come through.
ETA: Is this roughly what the French text is saying?
meta.discourse.org uses security technology that is outdated and vulnerable to attack. An attacker could easily reveal information which you thought to be safe. The website administrator will need to fix the server first before you can visit the site.
I have the latest version 48.0.1 (64 bits)
This is the message I have yes
I also get the same error using Firefox 48.0.1. Not just on meta.discourse.org, but also on other forums that are hosted by the Discourse team.
Yeah, clearly something’s not right in the cipher suite selection. Strangely, SSL Labs still gives us an A+. I’ll investigate further and update here when I’ve got news.
OK, some more updates: it looks like the HTTP/2 spec gets a little aggressive about things which, IMO, aren’t really in its bailiwick. I’m going through that now to see what I’ve done wrong.
It works now.
I didn’t try for 30 minutes, but you have found the solution I guess
Yes, the solution has been found. Firefox came good a little while ago, but my fix caused issues, in turn, for lesser browsers (coughIEcough), so I spent the time fixing those up before rolling out the Mission Accomplished banner.
I have some very unflattering things to say about the HTTP/2 spec authors. Let’s just leave it at that.
