Environment
Novell iChain 2.3 Service Pack
4
Novell iChain 2.3 Service Pack 4 Interim Release 2
Novell iManager 2.6 on NetWare
Novell Remote Manager
Novell NetWare 6.5 Administration Server
Apache HTTP Server 2.XX on NetWare 6.5
Novell BorderManager 3.8 SSL Authentication
Novell iChain 2.3 Service Pack 4 Interim Release 2
Novell iManager 2.6 on NetWare
Novell Remote Manager
Novell NetWare 6.5 Administration Server
Apache HTTP Server 2.XX on NetWare 6.5
Novell BorderManager 3.8 SSL Authentication
Situation
Slow SSL connect with Mozilla
Firefox 2.0 to:
- SSL web services on Novell NetWare 6.5 and Novell NetWare
6.0
- Novell iChain 2.3 SSL enabled authentication pages and accelerator
Resolution
As a
workaround turn off TLS 1.0 for Mozilla Firefox 2.0 using the
following procedures:
1) For all Platforms (Firefox on Windows an Linux):
1) For all Platforms (Firefox on Windows an Linux):
- open the URL about:config
- filter on tls
- set the security.enable_tls from true to false
- open the Tools -> Options -> Advanced -> Encruption menu
- disable "Use TLS 1.0
- open the Edit -> Preferences -> Advanced menu
- disable "Use TLS
1.0"
- For iChain the fix has beenshipped with Novell iChain 2.3 Service Pack 5a
- For NetWare 6.5 the fix will be included with Novell NetWare 6.5 Service Pack 7
Status
Reported to EngineeringAdditional Information
With NetWare based services NILE
is responsible for running the SSL handshake except for NLDAP which
uses NTLS. Services using NILE are iChain 2.3 Interim Release 4a,
Apache 2.XX HTTP server, Novell Remote Manager
(HTTPSTK.NLM)
NILE does not return a response on an SSL client hallo packet using TLS 1.0 in the version header. Instead Mozilla Firefox 2.0 falls back using a SSL2 Version header in the SSL client hello after a few seconds
NILE does not return a response on an SSL client hallo packet using TLS 1.0 in the version header. Instead Mozilla Firefox 2.0 falls back using a SSL2 Version header in the SSL client hello after a few seconds