rn10950 / RetroZilla

A fork of Gecko 1.8.1 to improve support for the modern web in older versions of Windows

"Data Transfer Interrupted" with websites offering only TLS 1.2 on SHA256/SHA384 #37

Open creopard opened 5 years ago

creopard commented 5 years ago

Running RetroZilla 2.2 will not work on various websites offering only TLS 1.2 with newer cipher suites:

- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)

and just results in a "Data Transfer Interrupted" message.

RetroZilla 2.2 "only" supports, according to ssllabs' clienttest:

- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)

Is there any chance to add support for TLS_ECDHE_RSA with SHA256 and/or SHA384?

Here is a test website: https://www.serverprofis.de/ (SSL Report of that site)

roytam1 commented 4 years ago

Create 2 boolean entries named:

- `security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256`
- `security.ssl3.ecdhe_rsa_aes_128_gcm_sha256`

and set them to true.

creopard commented 4 years ago

@roytam1: Thank you - it's working great. Please consider adding these values with the next release of RetroZilla!

roytam1 commented 4 years ago

A pull request for the default prefs has been created: https://github.com/rn10950/RetroZilla/pull/40

and also SHA384 NSS code changes have their own pull request pending: https://github.com/rn10950/RetroZilla/pull/38