Add RSA-AES + SHA256/384 suites for web compatibility.

Sites with these ciphers (commonly IIS) would otherwise fall back to weak 3DES that will be disabled by default. Issue #4 points 2 and 3
author: wolfbeast <mcwerewolf@gmail.com> 2017-07-20 14:17:40 +0200
committer: wolfbeast <mcwerewolf@gmail.com> 2018-02-02 19:05:37 +0100
commit: acaf15453c3c00b2fa387239ae854736383134db (patch)
tree: 806d78ad2d88daa73edb88763fe06e3e463e768a /netwerk
parent: 3b70762534d82b9dc0bc59934327e981f032e69f (diff)
download: uxp-acaf15453c3c00b2fa387239ae854736383134db.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/netwerk/base/security-prefs.js b/netwerk/base/security-prefs.js
index be3c6f33d8..9403b3139a 100644
--- a/netwerk/base/security-prefs.js
+++ b/netwerk/base/security-prefs.js
@@ -31,11 +31,15 @@ pref("security.ssl3.dhe_rsa_aes_128_sha", true);
 pref("security.ssl3.dhe_rsa_camellia_256_sha", true);
 pref("security.ssl3.dhe_rsa_aes_256_sha", true);
 pref("security.ssl3.dhe_rsa_camellia_128_sha", true);
+pref("security.ssl3.rsa_aes_256_gcm_sha384", true);
+pref("security.ssl3.rsa_aes_256_sha256", true);
 pref("security.ssl3.rsa_camellia_128_sha", true);
 pref("security.ssl3.rsa_camellia_256_sha", true);
 pref("security.ssl3.rsa_aes_128_sha", true);
 pref("security.ssl3.rsa_aes_256_sha", true);
 pref("security.ssl3.rsa_des_ede3_sha", true);
+pref("security.ssl3.rsa_aes_128_gcm_sha256", false);
+pref("security.ssl3.rsa_aes_128_sha256", false);
 
 pref("security.content.signature.root_hash",
      "97:E8:BA:9C:F1:2F:B3:DE:53:CC:42:A4:E6:57:7E:D6:4D:F4:93:C2:47:B4:14:FE:A0:36:81:8D:38:23:56:0E");
author	wolfbeast <mcwerewolf@gmail.com>	2017-07-20 14:17:40 +0200
committer	wolfbeast <mcwerewolf@gmail.com>	2018-02-02 19:05:37 +0100
commit	acaf15453c3c00b2fa387239ae854736383134db (patch)
tree	806d78ad2d88daa73edb88763fe06e3e463e768a /netwerk
parent	3b70762534d82b9dc0bc59934327e981f032e69f (diff)
download	uxp-acaf15453c3c00b2fa387239ae854736383134db.tar.gz