Helpful Reply
Hi OnTheRoad41, this error message indicates that the site is trying to use an obsolete encryption cipher which is vulnerable to the "Logjam" attack that was in the news earlier this year.
What does that mean?
Even though you trust the server, a "Logjam" attack compromises the security of your individual connection to the server, lowering the protection normally provided by SSL to a level that is easily cracked and read by others on the network. That is why Firefox protects you from making this connection.
What can you do now?
The very best solution for the protection of all users of that server is for United to change some settings on the server. If the information you can view on the server is sensitive, then this fix is overdue, so we encourage you to report the problem ASAP.
If you cannot wait, you can try disabling these old ciphers in your Firefox, which hopefully will force the server to try some more secure ciphers when connecting with you. Here's how:
(1) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.
(2) In the search box above the list, type or paste dhe and pause while the list is filtered
(3) Double-click the security.ssl3.dhe_rsa_aes_128_sha preference to switch it from true to false (disable Firefox from using this cipher)
(4) Double-click the security.ssl3.dhe_rsa_aes_256_sha preference to switch it from true to false (disable Firefox from using this cipher)
Then try the site again; you might have to reload the page using Ctrl+Shift+r to bypass cached information.
Success?
What does that mean?
Even though you trust the server, a "Logjam" attack compromises the security of your individual connection to the server, lowering the protection normally provided by SSL to a level that is easily cracked and read by others on the network. That is why Firefox protects you from making this connection.
What can you do now?
The very best solution for the protection of all users of that server is for United to change some settings on the server. If the information you can view on the server is sensitive, then this fix is overdue, so we encourage you to report the problem ASAP.
If you cannot wait, you can try disabling these old ciphers in your Firefox, which hopefully will force the server to try some more secure ciphers when connecting with you. Here's how:
(1) In a new tab, type or paste about:config in the address bar and press Enter. Click the button promising to be careful.
(2) In the search box above the list, type or paste dhe and pause while the list is filtered
(3) Double-click the security.ssl3.dhe_rsa_aes_128_sha preference to switch it from true to false (disable Firefox from using this cipher)
(4) Double-click the security.ssl3.dhe_rsa_aes_256_sha preference to switch it from true to false (disable Firefox from using this cipher)
Then try the site again; you might have to reload the page using Ctrl+Shift+r to bypass cached information.
Success?