Manage cipher suites in Firefox
Web browsers like Firefox ship with sets of cipher suites that the browser uses to protect data that is transferred between the web browser and secure websites.
When a browser connects to a secure website negotiations take place in which the clientÂ provides the server with a list of supported cipher suites, and information about the preferred cipher suite and SSL/TLS protocol version.
The server may then accept the client's preferences if supported, or ignore them to deliver a cipher suite of its own which it prioritizes.
In the end, client and server either agree on the use of a cipher suite or the connection attempt fails.
Managing cipher suites in Firefox
Browsers like Firefox support several cipher suites to ensure compatibility with secure servers and sites on the Internet.
While that is a good thing, it may sometimes mean that insecure or vulnerable cipher suites are being used or are still supported.
A recent example is the RC4 Cipher which many browsers have deprecated recently because it is not secure anymore. While many companies who produce browsers have reacted to this threat, you could have blocked RC4 manually before those changes took affect.
Firefox users can control the cipher suites in the browser on about:config.
- Type about:config in the browser's address bar and hit enter.
- You may receive a prompt that warns you about the dangers of using this in the browser if this is your first time opening the page. Click continue to proceed.
- Search for ssl3 using the search field at the top.
Firefox lists all cipher suites as a result, and you may enable or disable any of those by toggling the value with a double-click on the preference name.
A value of true means the cipher suite is enabled, one of false that it is not available.
Toggle Cipher Suites is a new browser extension for the Firefox web browser that enables you to manage cipher suites in the browser.
Basically, what it does is provide you with an interface to enable or disable individual cipher suites so that you don't need to open about:config to do so.
The extension adds an icon to the main toolbar of Firefox, and a click on it reveals all supported cipher suites and their state.
You can click on the menu next to any cipher suite to toggle it, for instance from enabled to disabled.
The add-on links furthermore to the two SSL tests linked above so that you can run a check of the new configuration right after you make modifications.
Webmasters may use the add-on or the manual method to disable certain cipher suites to test web servers, and users to block cipher suites that are no longer secure.Advertisement