We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Firefox is sending disabled list of ciphers too in client hello ( ssl handshake)

  • 1 reply
  • 3 have this problem
  • 13 views
  • Last reply by cor-el

more options

under C:\Program Files\Mozilla Firefox\defaults\pref\ this folder , i have created a security-perfs.js file which has got the information about the disabled and enabled list of ciphers and ssl version.

In this file , i have made only one cipher enabled .. rest all the cipher are false. So during the SSL handshake i should see only one cipher being sent in the client hello request ( by firefox )... But i could see a big list of cipher is being sent by the client ( firefox ) in client hello request.

BTW: in about:config .. i could see only one cipher is enabled rest are disabled. so the changes are getting reflected in the firefox using security-perfs.js file.

I am using windows XP.

so can some one help me here.

Thanks + Tanuj

under C:\Program Files\Mozilla Firefox\defaults\pref\ this folder , i have created a security-perfs.js file which has got the information about the disabled and enabled list of ciphers and ssl version. In this file , i have made only one cipher enabled .. rest all the cipher are false. So during the SSL handshake i should see only one cipher being sent in the client hello request ( by firefox )... But i could see a big list of cipher is being sent by the client ( firefox ) in client hello request. BTW: in about:config .. i could see only one cipher is enabled rest are disabled. so the changes are getting reflected in the firefox using security-perfs.js file. I am using windows XP. so can some one help me here. Thanks + Tanuj

Modified by Tanuj

All Replies (1)

more options

Files in that folder are used to initialize a new profile and doesn't have otherwise any effect.

You can use a mozilla.cfg file in the Firefox program folder to lock prefs or specify new (default) values.

Place a file local-settings.js in the defaults\pref folder where you also find the file channel-prefs.js to specify using mozilla.cfg.

pref("general.config.filename", "mozilla.cfg");
pref("general.config.obscure_value", 0); // use this to disable the byte-shift

See:

You can use these functions in mozilla.cfg:

defaultPref();  // set new default value
pref();         // set pref, but allow changes in current session
lockPref();     // lock pref, disallow changes